Search criteria
243 vulnerabilities found for sda660 by qualcomm
VAR-201912-1803
Vulnerability from variot - Updated: 2025-01-30 22:35Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, IPQ8074, MDM9607, MDM9650, MSM8909, MSM8939, QCN7605, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607 and so on are the products of American Qualcomm. MDM9607 is a central processing unit (CPU) product. MDM9650 is a central processing unit (CPU) product. SDX24 is a modem.
A buffer overflow vulnerability exists in the WLAN Host in multiple Qualcomm products. The vulnerability stems from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to associated other memory locations An attacker could use this vulnerability to cause a buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1803",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9607"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9650"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8909"
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "630"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "24"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "20"
},
{
"model": "ipq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8074"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "636"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8053"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8009"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8939"
},
{
"model": "qcn",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "7605"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03571"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"db": "NVD",
"id": "CVE-2019-10605"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8909_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8939_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcn7605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sda660_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sdm630_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
}
]
},
"cve": "CVE-2019-10605",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10605",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-03571",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-10605",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10605",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10605",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-10605",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-03571",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-089",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03571"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-089"
},
{
"db": "NVD",
"id": "CVE-2019-10605"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, IPQ8074, MDM9607, MDM9650, MSM8909, MSM8939, QCN7605, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607 and so on are the products of American Qualcomm. MDM9607 is a central processing unit (CPU) product. MDM9650 is a central processing unit (CPU) product. SDX24 is a modem. \n\r\n\r\nA buffer overflow vulnerability exists in the WLAN Host in multiple Qualcomm products. The vulnerability stems from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to associated other memory locations An attacker could use this vulnerability to cause a buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10605"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"db": "CNVD",
"id": "CNVD-2020-03571"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10605",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013347",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03571",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-089",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03571"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-089"
},
{
"db": "NVD",
"id": "CVE-2019-10605"
}
]
},
"id": "VAR-201912-1803",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03571"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"other device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03571"
}
]
},
"last_update_date": "2025-01-30T22:35:54.604000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"title": "Patch for Multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2020-03571)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/198885"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105625"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03571"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-089"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"db": "NVD",
"id": "CVE-2019-10605"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10605"
},
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10605"
},
{
"trust": 0.6,
"url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03571"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-089"
},
{
"db": "NVD",
"id": "CVE-2019-10605"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03571"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-089"
},
{
"db": "NVD",
"id": "CVE-2019-10605"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03571"
},
{
"date": "2019-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"date": "2019-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-089"
},
{
"date": "2019-12-18T06:15:12.643000",
"db": "NVD",
"id": "CVE-2019-10605"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03571"
},
{
"date": "2019-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013347"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-089"
},
{
"date": "2024-11-21T04:19:33.833000",
"db": "NVD",
"id": "CVE-2019-10605"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-089"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Classic buffer overflow vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013347"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-089"
}
],
"trust": 0.6
}
}
VAR-201907-0886
Vulnerability from variot - Updated: 2025-01-30 22:05Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Components are prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. A denial-of-service vulnerability An attacker can exploit these issues to execute arbitrary code, and cause a denial-of-service condition. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-123700924, A-114399807, A-123999895, and A-127513046. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. A buffer error vulnerability exists in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0886",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 675",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 730",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 665",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "pixel xl",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel c",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus player",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9"
},
{
"model": "nexus 6p",
"scope": null,
"trust": 0.3,
"vendor": "google",
"version": null
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5x"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "108555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"db": "NVD",
"id": "CVE-2019-2287"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "108555"
}
],
"trust": 0.3
},
"cve": "CVE-2019-2287",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-2287",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-153722",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-2287",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-2287",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-2287",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-083",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-153722",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-2287",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153722"
},
{
"db": "VULMON",
"id": "CVE-2019-2287"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-083"
},
{
"db": "NVD",
"id": "CVE-2019-2287"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Components are prone to the following security vulnerabilities:\n1. Multiple buffer-overflow vulnerabilities\n2. A denial-of-service vulnerability\nAn attacker can exploit these issues to execute arbitrary code, and cause a denial-of-service condition. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-123700924, A-114399807, A-123999895, and A-127513046. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. A buffer error vulnerability exists in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-2287"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"db": "BID",
"id": "108555"
},
{
"db": "VULHUB",
"id": "VHN-153722"
},
{
"db": "VULMON",
"id": "CVE-2019-2287"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-2287",
"trust": 3.0
},
{
"db": "BID",
"id": "108555",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006654",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-083",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-153722",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-2287",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153722"
},
{
"db": "VULMON",
"id": "CVE-2019-2287"
},
{
"db": "BID",
"id": "108555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-083"
},
{
"db": "NVD",
"id": "CVE-2019-2287"
}
]
},
"id": "VAR-201907-0886",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153722"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T22:05:02.260000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "June 2019 Code Aurora Security Bulletin",
"trust": 0.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin"
},
{
"title": "Qualcomm Video Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93172"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/06/05/android_june_patch/"
},
{
"title": "Patchlocator",
"trust": 0.1,
"url": "https://github.com/seclab-ucr/Patchlocator "
},
{
"title": "Patchlocator",
"trust": 0.1,
"url": "https://github.com/zhangzhenghsy/Patchlocator "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-2287"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-083"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153722"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"db": "NVD",
"id": "CVE-2019-2287"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2287"
},
{
"trust": 0.9,
"url": "http://code.google.com/android/"
},
{
"trust": 0.9,
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9c0fa2ad7dab4d11c866cb4677c3cd2561b829b"
},
{
"trust": 0.9,
"url": "https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit?id=3186af9f3ece8d5d07a3d62cc1a64b448eab375b"
},
{
"trust": 0.9,
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?h=wlan-cld3.driver.lnx.1.1.r41-rel\u0026id=a01623699ad76fc6947483b063727f417d526df7"
},
{
"trust": 0.9,
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=d056949890ebd0ab90b284c34886e51a6c1e1515"
},
{
"trust": 0.9,
"url": "http://www.qualcomm.com/"
},
{
"trust": 0.9,
"url": "https://source.android.com/security/bulletin/2019-06-01.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2287"
},
{
"trust": 0.7,
"url": "https://www.securityfocus.com/bid/108555"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-june-2019-29461"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/seclab-ucr/patchlocator"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153722"
},
{
"db": "VULMON",
"id": "CVE-2019-2287"
},
{
"db": "BID",
"id": "108555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-083"
},
{
"db": "NVD",
"id": "CVE-2019-2287"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153722"
},
{
"db": "VULMON",
"id": "CVE-2019-2287"
},
{
"db": "BID",
"id": "108555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-083"
},
{
"db": "NVD",
"id": "CVE-2019-2287"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-153722"
},
{
"date": "2019-07-22T00:00:00",
"db": "VULMON",
"id": "CVE-2019-2287"
},
{
"date": "2019-06-03T00:00:00",
"db": "BID",
"id": "108555"
},
{
"date": "2019-07-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"date": "2019-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-083"
},
{
"date": "2019-07-22T14:15:12.893000",
"db": "NVD",
"id": "CVE-2019-2287"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-23T00:00:00",
"db": "VULHUB",
"id": "VHN-153722"
},
{
"date": "2019-07-23T00:00:00",
"db": "VULMON",
"id": "CVE-2019-2287"
},
{
"date": "2019-06-03T00:00:00",
"db": "BID",
"id": "108555"
},
{
"date": "2019-07-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006654"
},
{
"date": "2019-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-083"
},
{
"date": "2024-11-21T04:40:37.377000",
"db": "NVD",
"id": "CVE-2019-2287"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Vulnerability related to out-of-bounds writing in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006654"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-083"
}
],
"trust": 0.6
}
}
VAR-201909-1452
Vulnerability from variot - Updated: 2025-01-30 21:53Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM660, SDX20, SDX24. plural Snapdragon The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MSM8996AU and others are products of Qualcomm (Qualcomm). MSM8996AU is a central processing unit (CPU) product. SD 712 is a central processing unit (CPU) product. SD 710 is a central processing unit (CPU) product. An input validation error vulnerability exists in several Qualcomm products. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Qualcomm MSM8909W; MSM8996AU; QCS405; QCS605; Qualcomm 215; SD 425; SD 439; SD 429; SD 450; SD 625; SD 632; 710; SD 670; SD 730; SD 820A; SD 845; SD 850; SD 855; SDA660; SDM439; SDM660; SDX20; SDX24
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-1452",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sd 632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 675",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 730",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 665",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "215",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 429",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 439",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"db": "NVD",
"id": "CVE-2019-10538"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_429_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_439_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
}
]
},
"cve": "CVE-2019-10538",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10538",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-142094",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10538",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10538",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10538",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-10538",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-436",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-142094",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-436"
},
{
"db": "NVD",
"id": "CVE-2019-10538"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM660, SDX20, SDX24. plural Snapdragon The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MSM8996AU and others are products of Qualcomm (Qualcomm). MSM8996AU is a central processing unit (CPU) product. SD 712 is a central processing unit (CPU) product. SD 710 is a central processing unit (CPU) product. An input validation error vulnerability exists in several Qualcomm products. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Qualcomm MSM8909W; MSM8996AU; QCS405; QCS605; Qualcomm 215; SD 425; SD 439; SD 429; SD 450; SD 625; SD 632; 710; SD 670; SD 730; SD 820A; SD 845; SD 850; SD 855; SDA660; SDM439; SDM660; SDX20; SDX24",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10538"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"db": "VULHUB",
"id": "VHN-142094"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10538",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010017",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201908-436",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-142094",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-142094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-436"
},
{
"db": "NVD",
"id": "CVE-2019-10538"
}
]
},
"id": "VAR-201909-1452",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-142094"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:53:14.785000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "August 2019 Code Aurora Security Bulletin",
"trust": 0.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin"
},
{
"title": "Android Qualcomm WLAN Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96175"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-436"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"db": "NVD",
"id": "CVE-2019-10538"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10538"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10538"
},
{
"trust": 0.6,
"url": "https://source.android.com/security/bulletin/2019-08-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-august-2019-29951"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-142094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-436"
},
{
"db": "NVD",
"id": "CVE-2019-10538"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-142094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-436"
},
{
"db": "NVD",
"id": "CVE-2019-10538"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-30T00:00:00",
"db": "VULHUB",
"id": "VHN-142094"
},
{
"date": "2019-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"date": "2019-08-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-436"
},
{
"date": "2019-09-30T16:15:10.977000",
"db": "NVD",
"id": "CVE-2019-10538"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-02T00:00:00",
"db": "VULHUB",
"id": "VHN-142094"
},
{
"date": "2019-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-010017"
},
{
"date": "2020-07-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-436"
},
{
"date": "2024-11-21T04:19:23.477000",
"db": "NVD",
"id": "CVE-2019-10538"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Vulnerability related to input validation in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-010017"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-436"
}
],
"trust": 0.6
}
}
VAR-201905-0757
Vulnerability from variot - Updated: 2025-01-30 21:49Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. Multiple information-disclosure vulnerabilities 3. Multiple security-bypass vulnerabilities 4. Multiple security vulnerabilities 5. Multiple integer overflow vulnerabilities An attacker can exploit these issues to bypass certain security restrictions and to perform unauthorized actions, gain elevated privileges, obtain sensitive information or execute arbitrary code. Failed exploits may result in a denial-of-service condition. These issues are being tracked by Android Bug IDs A-79377832, A-72957385, A-109741680, A-77527719, A-109741946, A-111127853, A-111128575, A-111126050, A-111125792, A-111128301, A-111128420, A-111128838, A-111128797, A-111128421, A-111128578, A-111127989, A-111128877, A-111128841, A-111126532, A-112277221, A-112276863, A-112278150, A-112277910, A-112277186, A-112278861, A-112277891, A-112278405, A-112277852, A-120487136*. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. An input validation error vulnerability exists in several Qualcomm products. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0757",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "107770"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"db": "NVD",
"id": "CVE-2018-11925"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "107770"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11925",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-11925",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-121833",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-11925",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-11925",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-11925",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-084",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121833",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-11925",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121833"
},
{
"db": "VULMON",
"id": "CVE-2018-11925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-084"
},
{
"db": "NVD",
"id": "CVE-2018-11925"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to the following security vulnerabilities:\n1. Multiple buffer-overflow vulnerabilities\n2. Multiple information-disclosure vulnerabilities\n3. Multiple security-bypass vulnerabilities\n4. Multiple security vulnerabilities\n5. Multiple integer overflow vulnerabilities\nAn attacker can exploit these issues to bypass certain security restrictions and to perform unauthorized actions, gain elevated privileges, obtain sensitive information or execute arbitrary code. Failed exploits may result in a denial-of-service condition. \nThese issues are being tracked by Android Bug IDs A-79377832, A-72957385, A-109741680, A-77527719, A-109741946, A-111127853, A-111128575, A-111126050, A-111125792, A-111128301, A-111128420, A-111128838, A-111128797, A-111128421, A-111128578, A-111127989, A-111128877, A-111128841, A-111126532, A-112277221, A-112276863, A-112278150, A-112277910, A-112277186, A-112278861, A-112277891, A-112278405, A-112277852, A-120487136*. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. An input validation error vulnerability exists in several Qualcomm products. The vulnerability stems from the failure of the network system or product to properly validate the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"db": "BID",
"id": "107770"
},
{
"db": "VULHUB",
"id": "VHN-121833"
},
{
"db": "VULMON",
"id": "CVE-2018-11925"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11925",
"trust": 3.0
},
{
"db": "BID",
"id": "107770",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015512",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-084",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-121833",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-11925",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121833"
},
{
"db": "VULMON",
"id": "CVE-2018-11925"
},
{
"db": "BID",
"id": "107770"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-084"
},
{
"db": "NVD",
"id": "CVE-2018-11925"
}
]
},
"id": "VAR-201905-0757",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121833"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:49:00.274000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "April 2019 Code Aurora Security Bulletin",
"trust": 0.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
},
{
"title": "Android WLAN HOST Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91008"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014April 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=cd95df8ce79ebdc8577685322caeeedf"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-11925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-084"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121833"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"db": "NVD",
"id": "CVE-2018-11925"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11925"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11925"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/107770"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2019-28925"
},
{
"trust": 0.4,
"url": "https://source.android.com/security/bulletin/2019-04-01.html"
},
{
"trust": 0.3,
"url": "http://code.google.com/android/"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121833"
},
{
"db": "VULMON",
"id": "CVE-2018-11925"
},
{
"db": "BID",
"id": "107770"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-084"
},
{
"db": "NVD",
"id": "CVE-2018-11925"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121833"
},
{
"db": "VULMON",
"id": "CVE-2018-11925"
},
{
"db": "BID",
"id": "107770"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-084"
},
{
"db": "NVD",
"id": "CVE-2018-11925"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-24T00:00:00",
"db": "VULHUB",
"id": "VHN-121833"
},
{
"date": "2019-05-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-11925"
},
{
"date": "2019-04-01T00:00:00",
"db": "BID",
"id": "107770"
},
{
"date": "2019-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"date": "2019-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-084"
},
{
"date": "2019-05-24T17:29:01.240000",
"db": "NVD",
"id": "CVE-2018-11925"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-28T00:00:00",
"db": "VULHUB",
"id": "VHN-121833"
},
{
"date": "2019-05-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-11925"
},
{
"date": "2019-04-01T00:00:00",
"db": "BID",
"id": "107770"
},
{
"date": "2019-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015512"
},
{
"date": "2019-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-084"
},
{
"date": "2024-11-21T03:44:15.783000",
"db": "NVD",
"id": "CVE-2018-11925"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-084"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Product integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015512"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-084"
}
],
"trust": 0.6
}
}
VAR-201912-1791
Vulnerability from variot - Updated: 2025-01-30 21:41Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1791",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8250",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr2130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa6155p",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
},
{
"db": "NVD",
"id": "CVE-2019-10614"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
}
]
},
"cve": "CVE-2019-10614",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10614",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10614",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10614",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10614",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-10614",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-843",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-843"
},
{
"db": "NVD",
"id": "CVE-2019-10614"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10614"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10614",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013284",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201912-843",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-843"
},
{
"db": "NVD",
"id": "CVE-2019-10614"
}
]
},
"id": "VAR-201912-1791",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:41:41.874000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105544"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-843"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
},
{
"db": "NVD",
"id": "CVE-2019-10614"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10614"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10614"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-february-2020-31507"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-843"
},
{
"db": "NVD",
"id": "CVE-2019-10614"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-843"
},
{
"db": "NVD",
"id": "CVE-2019-10614"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013284"
},
{
"date": "2019-12-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-843"
},
{
"date": "2019-12-18T06:15:12.783000",
"db": "NVD",
"id": "CVE-2019-10614"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013284"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-843"
},
{
"date": "2024-11-21T04:19:35.453000",
"db": "NVD",
"id": "CVE-2019-10614"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-843"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Vulnerability related to out-of-bounds writing in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013284"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-843"
}
],
"trust": 0.6
}
}
VAR-201907-0243
Vulnerability from variot - Updated: 2025-01-30 21:38Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS404, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm SD 712 is a central processing unit (CPU) product of Qualcomm.
There are vulnerabilities in input verification errors in WLANs in many Qualcomm products. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. There is currently no detailed vulnerability details provided. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-129766496, A-129766125, A-122473271, A-122474808, A-122472479, A-122473168, A-122473304, A-122473496, A-122473989, A-129766432, A-129766099 and A-129766299
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sd 8cx",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca8081",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs404",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca8081",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs404",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs404 no",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605 no",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "425"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "427"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "430"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "435"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "450"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "625"
},
{
"model": "sd",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "636"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "712"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "710"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "670"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "820"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "835"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "845"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "850"
},
{
"model": "sd no",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "855"
},
{
"model": "sd 8cx no",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660 no",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630 no",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660 no",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074 no",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca8081 no",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405 no",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "pixel xl",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel c",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus player",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9"
},
{
"model": "nexus 6p",
"scope": null,
"trust": 0.3,
"vendor": "google",
"version": null
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5x"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"db": "BID",
"id": "108986"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"db": "NVD",
"id": "CVE-2019-2346"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qca8081_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs404_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported these issues.",
"sources": [
{
"db": "BID",
"id": "108986"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-066"
}
],
"trust": 0.9
},
"cve": "CVE-2019-2346",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-2346",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-20156",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-153781",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-2346",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-2346",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-2346",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-20156",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-066",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-153781",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-2346",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"db": "VULHUB",
"id": "VHN-153781"
},
{
"db": "VULMON",
"id": "CVE-2019-2346"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-066"
},
{
"db": "NVD",
"id": "CVE-2019-2346"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS404, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm SD 712 is a central processing unit (CPU) product of Qualcomm. \n\r\n\r\nThere are vulnerabilities in input verification errors in WLANs in many Qualcomm products. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. There is currently no detailed vulnerability details provided. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-129766496, A-129766125, A-122473271, A-122474808, A-122472479, A-122473168, A-122473304, A-122473496, A-122473989, A-129766432, A-129766099 and A-129766299",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-2346"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"db": "BID",
"id": "108986"
},
{
"db": "VULHUB",
"id": "VHN-153781"
},
{
"db": "VULMON",
"id": "CVE-2019-2346"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-2346",
"trust": 3.6
},
{
"db": "BID",
"id": "108986",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007035",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-20156",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201907-066",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-153781",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-2346",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"db": "VULHUB",
"id": "VHN-153781"
},
{
"db": "VULMON",
"id": "CVE-2019-2346"
},
{
"db": "BID",
"id": "108986"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-066"
},
{
"db": "NVD",
"id": "CVE-2019-2346"
}
]
},
"id": "VAR-201907-0243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"db": "VULHUB",
"id": "VHN-153781"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-20156"
}
]
},
"last_update_date": "2025-01-30T21:38:22.418000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "July 2019 Qualcomm Technologies, Inc. Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"title": "Patch for Multiple Qualcomm product input verification error vulnerabilities (CNVD-2020-20156)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/211553"
},
{
"title": "Multiple Qualcomm Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94300"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-066"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-129",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153781"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"db": "NVD",
"id": "CVE-2019-2346"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2346"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/108986"
},
{
"trust": 0.9,
"url": "http://code.google.com/android/"
},
{
"trust": 0.9,
"url": "http://www.qualcomm.com/"
},
{
"trust": 0.9,
"url": "https://source.android.com/security/bulletin/2019-07-01.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2346"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-july-2019-29673"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/129.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"db": "VULHUB",
"id": "VHN-153781"
},
{
"db": "VULMON",
"id": "CVE-2019-2346"
},
{
"db": "BID",
"id": "108986"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-066"
},
{
"db": "NVD",
"id": "CVE-2019-2346"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"db": "VULHUB",
"id": "VHN-153781"
},
{
"db": "VULMON",
"id": "CVE-2019-2346"
},
{
"db": "BID",
"id": "108986"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-066"
},
{
"db": "NVD",
"id": "CVE-2019-2346"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"date": "2019-07-25T00:00:00",
"db": "VULHUB",
"id": "VHN-153781"
},
{
"date": "2019-07-25T00:00:00",
"db": "VULMON",
"id": "CVE-2019-2346"
},
{
"date": "2019-07-01T00:00:00",
"db": "BID",
"id": "108986"
},
{
"date": "2019-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"date": "2019-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-066"
},
{
"date": "2019-07-25T17:15:14.237000",
"db": "NVD",
"id": "CVE-2019-2346"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-20156"
},
{
"date": "2019-07-30T00:00:00",
"db": "VULHUB",
"id": "VHN-153781"
},
{
"date": "2019-07-30T00:00:00",
"db": "VULMON",
"id": "CVE-2019-2346"
},
{
"date": "2019-07-01T00:00:00",
"db": "BID",
"id": "108986"
},
{
"date": "2019-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007035"
},
{
"date": "2019-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-066"
},
{
"date": "2024-11-21T04:40:45.683000",
"db": "NVD",
"id": "CVE-2019-2346"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-066"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Vulnerability related to array index verification in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007035"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-066"
}
],
"trust": 0.6
}
}
VAR-201911-1653
Vulnerability from variot - Updated: 2025-01-30 21:22Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-1653",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
},
{
"db": "NVD",
"id": "CVE-2019-10563"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8998_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcn7605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sda660_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sdm636_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sdm660_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
}
]
},
"cve": "CVE-2019-10563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10563",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-10563",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10563",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10563",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-10563",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1232",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1232"
},
{
"db": "NVD",
"id": "CVE-2019-10563"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music in APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10563"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10563",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012284",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1232",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1232"
},
{
"db": "NVD",
"id": "CVE-2019-10563"
}
]
},
"id": "VAR-201911-1653",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:22:31.079000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "October 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103609"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1232"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
},
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
},
{
"db": "NVD",
"id": "CVE-2019-10563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10563"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10563"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1232"
},
{
"db": "NVD",
"id": "CVE-2019-10563"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1232"
},
{
"db": "NVD",
"id": "CVE-2019-10563"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012284"
},
{
"date": "2019-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1232"
},
{
"date": "2019-11-21T15:15:12.807000",
"db": "NVD",
"id": "CVE-2019-10563"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012284"
},
{
"date": "2020-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1232"
},
{
"date": "2024-11-21T04:19:27.773000",
"db": "NVD",
"id": "CVE-2019-10563"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1232"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Product out-of-bounds vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012284"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1232"
}
],
"trust": 0.6
}
}
VAR-201909-1458
Vulnerability from variot - Updated: 2025-01-30 21:16Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX24 is a modem. A buffer error vulnerability exists in WLAN in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-1458",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "qca9379",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 675",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 730",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 600",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 665",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9379",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"db": "NVD",
"id": "CVE-2019-10507"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qca6174a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qca9377_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qca9379_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
}
]
},
"cve": "CVE-2019-10507",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10507",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-142060",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-10507",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10507",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10507",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-10507",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-167",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142060",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-167"
},
{
"db": "NVD",
"id": "CVE-2019-10507"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX24 is a modem. A buffer error vulnerability exists in WLAN in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10507"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"db": "VULHUB",
"id": "VHN-142060"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10507",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010013",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-167",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-142060",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-142060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-167"
},
{
"db": "NVD",
"id": "CVE-2019-10507"
}
]
},
"id": "VAR-201909-1458",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-142060"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:16:34.484000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "August 2019 Code Aurora Security Bulletin",
"trust": 0.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97929"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-167"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"db": "NVD",
"id": "CVE-2019-10507"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10507"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10507"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-142060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-167"
},
{
"db": "NVD",
"id": "CVE-2019-10507"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-142060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-167"
},
{
"db": "NVD",
"id": "CVE-2019-10507"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-30T00:00:00",
"db": "VULHUB",
"id": "VHN-142060"
},
{
"date": "2019-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"date": "2019-09-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-167"
},
{
"date": "2019-09-30T16:15:10.743000",
"db": "NVD",
"id": "CVE-2019-10507"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-02T00:00:00",
"db": "VULHUB",
"id": "VHN-142060"
},
{
"date": "2019-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-010013"
},
{
"date": "2019-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-167"
},
{
"date": "2024-11-21T04:19:18.903000",
"db": "NVD",
"id": "CVE-2019-10507"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Product out-of-bounds vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-010013"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-167"
}
],
"trust": 0.6
}
}
VAR-201911-1669
Vulnerability from variot - Updated: 2025-01-30 21:06Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, SDA660, SDM450, SDM630, SDM636, SDM660, SDX20. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-1669",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
},
{
"db": "NVD",
"id": "CVE-2019-10503"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
}
]
},
"cve": "CVE-2019-10503",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10503",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-10503",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10503",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10503",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-10503",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1234",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1234"
},
{
"db": "NVD",
"id": "CVE-2019-10503"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, SDA660, SDM450, SDM630, SDM636, SDM660, SDX20. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10503"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10503",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012330",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1234",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1234"
},
{
"db": "NVD",
"id": "CVE-2019-10503"
}
]
},
"id": "VAR-201911-1669",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:06:38.270000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "October 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
},
{
"title": "Multiple Qualcomm Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103690"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1234"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-129",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
},
{
"db": "NVD",
"id": "CVE-2019-10503"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10503"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10503"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-january-2020-31267"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1234"
},
{
"db": "NVD",
"id": "CVE-2019-10503"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1234"
},
{
"db": "NVD",
"id": "CVE-2019-10503"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012330"
},
{
"date": "2019-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1234"
},
{
"date": "2019-11-21T15:15:12.650000",
"db": "NVD",
"id": "CVE-2019-10503"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012330"
},
{
"date": "2020-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1234"
},
{
"date": "2024-11-21T04:19:17.993000",
"db": "NVD",
"id": "CVE-2019-10503"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1234"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Vulnerability related to array index verification in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012330"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1234"
}
],
"trust": 0.6
}
}
VAR-202006-1297
Vulnerability from variot - Updated: 2025-01-30 20:54Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA415M, SA6155P, Saipan, SC8180X, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-1297",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "kamorta",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8250",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr2130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcm2150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "saipan",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa415m",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa6155p",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "kamorta",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
},
{
"db": "NVD",
"id": "CVE-2020-3630"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:kamorta_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
}
]
},
"cve": "CVE-2020-3630",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3630",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006026",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-3630",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006026",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-3630",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-006026",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-075",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-075"
},
{
"db": "NVD",
"id": "CVE-2020-3630"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA415M, SA6155P, Saipan, SC8180X, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3630"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3630",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006026",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.1591",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202005-075",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-075"
},
{
"db": "NVD",
"id": "CVE-2020-3630"
}
]
},
"id": "VAR-202006-1297",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:54:51.685000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "May 2020 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
},
{
"title": "Multiple Qualcomm Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=120682"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-075"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-129",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
},
{
"db": "NVD",
"id": "CVE-2020-3630"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3630"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3630"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1591/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-may-2020-32179"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-075"
},
{
"db": "NVD",
"id": "CVE-2020-3630"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-075"
},
{
"db": "NVD",
"id": "CVE-2020-3630"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006026"
},
{
"date": "2020-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-075"
},
{
"date": "2020-06-02T15:15:13.930000",
"db": "NVD",
"id": "CVE-2020-3630"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006026"
},
{
"date": "2022-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-075"
},
{
"date": "2024-11-21T05:31:26.613000",
"db": "NVD",
"id": "CVE-2020-3630"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-075"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Buffer error vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006026"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-075"
}
],
"trust": 0.6
}
}
VAR-202004-0665
Vulnerability from variot - Updated: 2025-01-30 20:40Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product is vulnerable to integer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0665",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9379",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6584au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq6018",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr2130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca8081",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6564",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs404",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8064",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9886",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca4531",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa6155p",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6584",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc7180",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8064",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq6018",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
},
{
"db": "NVD",
"id": "CVE-2019-14114"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8064_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq6018_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
}
]
},
"cve": "CVE-2019-14114",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-14114",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2019-015418",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-14114",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015418",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-14114",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2019-015418",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-205",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-205"
},
{
"db": "NVD",
"id": "CVE-2019-14114"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product is vulnerable to integer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-14114"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-14114",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015418",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-205",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-205"
},
{
"db": "NVD",
"id": "CVE-2019-14114"
}
]
},
"id": "VAR-202004-0665",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:40:28.069000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "April 2020 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
},
{
"title": "Multiple Qualcomm Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115465"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-205"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
},
{
"db": "NVD",
"id": "CVE-2019-14114"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14114"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14114"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2020-31950"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-205"
},
{
"db": "NVD",
"id": "CVE-2019-14114"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-205"
},
{
"db": "NVD",
"id": "CVE-2019-14114"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015418"
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-205"
},
{
"date": "2020-04-16T11:15:15.260000",
"db": "NVD",
"id": "CVE-2019-14114"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015418"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-205"
},
{
"date": "2024-11-21T04:26:06.887000",
"db": "NVD",
"id": "CVE-2019-14114"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Integer overflow vulnerability in product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015418"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-205"
}
],
"trust": 0.6
}
}
VAR-201912-1779
Vulnerability from variot - Updated: 2025-01-30 20:39Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a double release vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 is a central processing unit (CPU) product from Qualcomm.
The WLAN Host in multiple Qualcomm products has a resource management error vulnerability. No detailed vulnerability details are provided at this time
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1779",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9379",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8250",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr2130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca8081",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9607"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9650"
},
{
"model": "msm 8996au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "605"
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "630"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "24"
},
{
"model": "qcs",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "405"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "20"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9206"
},
{
"model": "qca 6574au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "4019"
},
{
"model": "ipq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8064"
},
{
"model": "ipq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8074"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9640"
},
{
"model": "qca 6174a",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9377"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9379"
},
{
"model": "sxr",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "1130"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8081"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8998"
},
{
"model": "nicobar",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "845"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "636"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "670"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "710"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "845"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "6150"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "7150"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8150"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8250"
},
{
"model": "sxr",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "2130"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8017"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8053"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8009"
},
{
"model": "apq 8096au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8098"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8917"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8920"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8937"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8940"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8953"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "450"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "55"
},
{
"model": "mdm 9207c",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "7605"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03573"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"db": "NVD",
"id": "CVE-2019-10536"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
}
]
},
"cve": "CVE-2019-10536",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10536",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-03573",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-10536",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10536",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10536",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-10536",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-03573",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-094",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-10536",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03573"
},
{
"db": "VULMON",
"id": "CVE-2019-10536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-094"
},
{
"db": "NVD",
"id": "CVE-2019-10536"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a double release vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 is a central processing unit (CPU) product from Qualcomm. \n\r\n\r\nThe WLAN Host in multiple Qualcomm products has a resource management error vulnerability. No detailed vulnerability details are provided at this time",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"db": "CNVD",
"id": "CNVD-2020-03573"
},
{
"db": "VULMON",
"id": "CVE-2019-10536"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10536",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013385",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03573",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-094",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-10536",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03573"
},
{
"db": "VULMON",
"id": "CVE-2019-10536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-094"
},
{
"db": "NVD",
"id": "CVE-2019-10536"
}
]
},
"id": "VAR-201912-1779",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03573"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03573"
}
]
},
"last_update_date": "2025-01-30T20:39:28.307000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"title": "Patch for Multiple Qualcomm Product Resource Management Error Vulnerabilities (CNVD-2020-03573)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/198865"
},
{
"title": "Multiple Qualcomm Product resource management error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105629"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03573"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-094"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-415",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"db": "NVD",
"id": "CVE-2019-10536"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10536"
},
{
"trust": 1.7,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10536"
},
{
"trust": 0.6,
"url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/415.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03573"
},
{
"db": "VULMON",
"id": "CVE-2019-10536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-094"
},
{
"db": "NVD",
"id": "CVE-2019-10536"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03573"
},
{
"db": "VULMON",
"id": "CVE-2019-10536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-094"
},
{
"db": "NVD",
"id": "CVE-2019-10536"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03573"
},
{
"date": "2019-12-18T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10536"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"date": "2019-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-094"
},
{
"date": "2019-12-18T06:15:11.847000",
"db": "NVD",
"id": "CVE-2019-10536"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03573"
},
{
"date": "2019-12-23T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10536"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013385"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-094"
},
{
"date": "2024-11-21T04:19:23.160000",
"db": "NVD",
"id": "CVE-2019-10536"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-094"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Double release vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013385"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-094"
}
],
"trust": 0.6
}
}
VAR-201912-1723
Vulnerability from variot - Updated: 2025-01-30 20:28Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1723",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa6155p",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
},
{
"db": "NVD",
"id": "CVE-2019-10572"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
}
]
},
"cve": "CVE-2019-10572",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10572",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10572",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10572",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10572",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-10572",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-842",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-842"
},
{
"db": "NVD",
"id": "CVE-2019-10572"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10572"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10572",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013382",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201912-842",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-842"
},
{
"db": "NVD",
"id": "CVE-2019-10572"
}
]
},
"id": "VAR-201912-1723",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:28:15.978000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"title": "Multiple Qualcomm Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105754"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-842"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
},
{
"db": "NVD",
"id": "CVE-2019-10572"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10572"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10572"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-february-2020-31507"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-842"
},
{
"db": "NVD",
"id": "CVE-2019-10572"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-842"
},
{
"db": "NVD",
"id": "CVE-2019-10572"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013382"
},
{
"date": "2019-12-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-842"
},
{
"date": "2019-12-18T06:15:12.253000",
"db": "NVD",
"id": "CVE-2019-10572"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013382"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-842"
},
{
"date": "2024-11-21T04:19:28.877000",
"db": "NVD",
"id": "CVE-2019-10572"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-842"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Product integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013382"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-842"
}
],
"trust": 0.6
}
}
VAR-201912-1751
Vulnerability from variot - Updated: 2025-01-30 20:22Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9980, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 is a central processing unit (CPU) product from Qualcomm.
A buffer overflow vulnerability exists in the WLAN Host in multiple Qualcomm products. The vulnerability stems from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to associated other memory locations An attacker could use this vulnerability to cause a buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1751",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9379",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9980",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9607"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9650"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8909"
},
{
"model": "msm 8996au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "605"
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "630"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "24"
},
{
"model": "msm 8909w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "20"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9206"
},
{
"model": "qca 6574au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "4019"
},
{
"model": "ipq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8064"
},
{
"model": "ipq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8074"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9640"
},
{
"model": "qca 6174a",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9377"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9379"
},
{
"model": "sxr",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "1130"
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "845"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "636"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "670"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "710"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "845"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "6150"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "7150"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8150"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8017"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8053"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8009"
},
{
"model": "apq 8096au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8098"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9615"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8917"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8920"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8937"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8939"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8940"
},
{
"model": "mdm 9207c",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "7605"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9980"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03579"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"db": "NVD",
"id": "CVE-2019-10480"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
}
]
},
"cve": "CVE-2019-10480",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10480",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-03579",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-10480",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10480",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10480",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-10480",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-03579",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-095",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03579"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-095"
},
{
"db": "NVD",
"id": "CVE-2019-10480"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9980, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 is a central processing unit (CPU) product from Qualcomm. \n\r\n\r\nA buffer overflow vulnerability exists in the WLAN Host in multiple Qualcomm products. The vulnerability stems from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to associated other memory locations An attacker could use this vulnerability to cause a buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10480"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"db": "CNVD",
"id": "CNVD-2020-03579"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10480",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013362",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03579",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-095",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03579"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-095"
},
{
"db": "NVD",
"id": "CVE-2019-10480"
}
]
},
"id": "VAR-201912-1751",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03579"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03579"
}
]
},
"last_update_date": "2025-01-30T20:22:19.274000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"title": "Patch for Multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2020-03579)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/198809"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105630"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03579"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-095"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-120",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"db": "NVD",
"id": "CVE-2019-10480"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10480"
},
{
"trust": 1.2,
"url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10480"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03579"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-095"
},
{
"db": "NVD",
"id": "CVE-2019-10480"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03579"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-095"
},
{
"db": "NVD",
"id": "CVE-2019-10480"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03579"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"date": "2019-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-095"
},
{
"date": "2019-12-18T06:15:11.017000",
"db": "NVD",
"id": "CVE-2019-10480"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03579"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013362"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-095"
},
{
"date": "2024-11-21T04:19:14.297000",
"db": "NVD",
"id": "CVE-2019-10480"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-095"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Classic buffer overflow vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013362"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-095"
}
],
"trust": 0.6
}
}
VAR-202004-0664
Vulnerability from variot - Updated: 2025-01-30 20:21Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product is vulnerable to integer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0664",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9379",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6584au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq6018",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr2130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca8081",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6564",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs404",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8064",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9886",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca4531",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa6155p",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6584",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc7180",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8064",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq6018",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
},
{
"db": "NVD",
"id": "CVE-2019-14113"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8064_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq6018_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
}
]
},
"cve": "CVE-2019-14113",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-14113",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2019-015417",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-14113",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015417",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-14113",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2019-015417",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-208",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-208"
},
{
"db": "NVD",
"id": "CVE-2019-14113"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product is vulnerable to integer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-14113"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-14113",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015417",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-208",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-208"
},
{
"db": "NVD",
"id": "CVE-2019-14113"
}
]
},
"id": "VAR-202004-0664",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:21:47.115000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "April 2020 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
},
{
"title": "Multiple Qualcomm Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115467"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-208"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.8
},
{
"problemtype": "CWE-119",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
},
{
"db": "NVD",
"id": "CVE-2019-14113"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14113"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14113"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2020-31950"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-208"
},
{
"db": "NVD",
"id": "CVE-2019-14113"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-208"
},
{
"db": "NVD",
"id": "CVE-2019-14113"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015417"
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-208"
},
{
"date": "2020-04-16T11:15:15.183000",
"db": "NVD",
"id": "CVE-2019-14113"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015417"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-208"
},
{
"date": "2024-11-21T04:26:06.723000",
"db": "NVD",
"id": "CVE-2019-14113"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Integer overflow vulnerability in product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015417"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-208"
}
],
"trust": 0.6
}
}
VAR-202004-0676
Vulnerability from variot - Updated: 2025-01-30 20:20Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer size in case of SAP mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0676",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9379",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6584au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq6018",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr2130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca8081",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6564",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs404",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8064",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9886",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca4531",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa6155p",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6584",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc7180",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8064",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq6018",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
},
{
"db": "NVD",
"id": "CVE-2019-14110"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8064_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq6018_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
}
]
},
"cve": "CVE-2019-14110",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-14110",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2019-015415",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-14110",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015415",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-14110",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2019-015415",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-216",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-216"
},
{
"db": "NVD",
"id": "CVE-2019-14110"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer size in case of SAP mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-14110"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-14110",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015415",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-216",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-216"
},
{
"db": "NVD",
"id": "CVE-2019-14110"
}
]
},
"id": "VAR-202004-0676",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:20:06.433000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "April 2020 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115472"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-216"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
},
{
"db": "NVD",
"id": "CVE-2019-14110"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14110"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14110"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2020-31950"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-216"
},
{
"db": "NVD",
"id": "CVE-2019-14110"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-216"
},
{
"db": "NVD",
"id": "CVE-2019-14110"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015415"
},
{
"date": "2020-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-216"
},
{
"date": "2020-04-16T11:15:15.027000",
"db": "NVD",
"id": "CVE-2019-14110"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015415"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-216"
},
{
"date": "2024-11-21T04:26:06.273000",
"db": "NVD",
"id": "CVE-2019-14110"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015415"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-216"
}
],
"trust": 0.6
}
}
VAR-201912-1724
Vulnerability from variot - Updated: 2025-01-30 20:07Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24. plural Snapdragon The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and so on are the products of American Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product.
An input validation error vulnerability exists in WLANs in several Qualcomm products, which can be exploited by an attacker to cause buffer coverage
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1724",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9379",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9880",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8064",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9886",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca4531",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9558",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9980",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8064",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8053"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8009"
},
{
"model": "apq 8096au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8064"
},
{
"model": "ipq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "4019"
},
{
"model": "ipq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8064"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9607"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9650"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9206"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9640"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9615"
},
{
"model": "mdm 9207c",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8909"
},
{
"model": "msm 8996au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm 8909w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8939"
},
{
"model": "qca 6574au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca 6174a",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9377"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9379"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9980"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "4531"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9558"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9880"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9886"
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "630"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "636"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "24"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03576"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"db": "NVD",
"id": "CVE-2019-10595"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8064_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
}
]
},
"cve": "CVE-2019-10595",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10595",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-03576",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-10595",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10595",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10595",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-10595",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-03576",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-091",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03576"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-091"
},
{
"db": "NVD",
"id": "CVE-2019-10595"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24. plural Snapdragon The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and so on are the products of American Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. \n\r\n\r\nAn input validation error vulnerability exists in WLANs in several Qualcomm products, which can be exploited by an attacker to cause buffer coverage",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10595"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"db": "CNVD",
"id": "CNVD-2020-03576"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10595",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013364",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03576",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-091",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03576"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-091"
},
{
"db": "NVD",
"id": "CVE-2019-10595"
}
]
},
"id": "VAR-201912-1724",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03576"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03576"
}
]
},
"last_update_date": "2025-01-30T20:07:06.425000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"title": "Patch for Multiple Qualcomm Product Input Validation Error Vulnerabilities (CNVD-2020-03576)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/198877"
},
{
"title": "Multiple Qualcomm Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105627"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03576"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-091"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
},
{
"problemtype": "CWE-787",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"db": "NVD",
"id": "CVE-2019-10595"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10595"
},
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10595"
},
{
"trust": 0.6,
"url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03576"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-091"
},
{
"db": "NVD",
"id": "CVE-2019-10595"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03576"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-091"
},
{
"db": "NVD",
"id": "CVE-2019-10595"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03576"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"date": "2019-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-091"
},
{
"date": "2019-12-18T06:15:12.377000",
"db": "NVD",
"id": "CVE-2019-10595"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03576"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013364"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-091"
},
{
"date": "2024-11-21T04:19:32.327000",
"db": "NVD",
"id": "CVE-2019-10595"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-091"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Vulnerability related to input validation in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013364"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-091"
}
],
"trust": 0.6
}
}
VAR-202003-1285
Vulnerability from variot - Updated: 2025-01-30 19:54Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, IPQ6018, IPQ8074, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCS404, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1285",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipq6018",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9379",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6584au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8250",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr2130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa6155p",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca8081",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6584",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs404",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq6018",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-141"
},
{
"db": "NVD",
"id": "CVE-2019-10546"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq6018_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:nicobar_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qca6174a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
}
]
},
"cve": "CVE-2019-10546",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10546",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2019-014773",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10546",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-014773",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10546",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2019-014773",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-141",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-141"
},
{
"db": "NVD",
"id": "CVE-2019-10546"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, IPQ6018, IPQ8074, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCS404, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10546"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10546",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014773",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202003-141",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-141"
},
{
"db": "NVD",
"id": "CVE-2019-10546"
}
]
},
"id": "VAR-202003-1285",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T19:54:34.717000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "March 2020 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
},
{
"title": "Multiple Qualcomm product WLAN Fix for component buffer error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111249"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-141"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
},
{
"db": "NVD",
"id": "CVE-2019-10546"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10546"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10546"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2020-31720"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-141"
},
{
"db": "NVD",
"id": "CVE-2019-10546"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-141"
},
{
"db": "NVD",
"id": "CVE-2019-10546"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014773"
},
{
"date": "2020-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-141"
},
{
"date": "2020-03-05T09:15:15.423000",
"db": "NVD",
"id": "CVE-2019-10546"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014773"
},
{
"date": "2020-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-141"
},
{
"date": "2024-11-21T04:19:25.217000",
"db": "NVD",
"id": "CVE-2019-10546"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-141"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014773"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-141"
}
],
"trust": 0.6
}
}
VAR-201907-0872
Vulnerability from variot - Updated: 2025-01-30 19:54Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Components are prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. A denial-of-service vulnerability An attacker can exploit these issues to execute arbitrary code, and cause a denial-of-service condition. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-123700924, A-114399807, A-123999895, and A-127513046. Qualcomm MDM9650 and others are products of Qualcomm (Qualcomm). MDM9650 is a central processing unit (CPU) product. MSM8996AU is a central processing unit (CPU) product. QCA6574AU is a central processing unit (CPU) product. A buffer error vulnerability exists in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0872",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 730",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 665",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "pixel xl",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel c",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus player",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9"
},
{
"model": "nexus 6p",
"scope": null,
"trust": 0.3,
"vendor": "google",
"version": null
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5x"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "108555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"db": "NVD",
"id": "CVE-2019-2292"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "108555"
}
],
"trust": 0.3
},
"cve": "CVE-2019-2292",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-2292",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-153727",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-2292",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-2292",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-2292",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-082",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-153727",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-2292",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153727"
},
{
"db": "VULMON",
"id": "CVE-2019-2292"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-082"
},
{
"db": "NVD",
"id": "CVE-2019-2292"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music in MDM9150, MDM9650, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Components are prone to the following security vulnerabilities:\n1. Multiple buffer-overflow vulnerabilities\n2. A denial-of-service vulnerability\nAn attacker can exploit these issues to execute arbitrary code, and cause a denial-of-service condition. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-123700924, A-114399807, A-123999895, and A-127513046. Qualcomm MDM9650 and others are products of Qualcomm (Qualcomm). MDM9650 is a central processing unit (CPU) product. MSM8996AU is a central processing unit (CPU) product. QCA6574AU is a central processing unit (CPU) product. A buffer error vulnerability exists in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-2292"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"db": "BID",
"id": "108555"
},
{
"db": "VULHUB",
"id": "VHN-153727"
},
{
"db": "VULMON",
"id": "CVE-2019-2292"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-2292",
"trust": 3.0
},
{
"db": "BID",
"id": "108555",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006573",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-082",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-153727",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-2292",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153727"
},
{
"db": "VULMON",
"id": "CVE-2019-2292"
},
{
"db": "BID",
"id": "108555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-082"
},
{
"db": "NVD",
"id": "CVE-2019-2292"
}
]
},
"id": "VAR-201907-0872",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153727"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T19:54:01.269000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "June 2019 Code Aurora Security Bulletin",
"trust": 0.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin"
},
{
"title": "Qualcomm WLAN HOST Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93171"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/06/05/android_june_patch/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-2292"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-082"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153727"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"db": "NVD",
"id": "CVE-2019-2292"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2292"
},
{
"trust": 0.9,
"url": "http://code.google.com/android/"
},
{
"trust": 0.9,
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9c0fa2ad7dab4d11c866cb4677c3cd2561b829b"
},
{
"trust": 0.9,
"url": "https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit?id=3186af9f3ece8d5d07a3d62cc1a64b448eab375b"
},
{
"trust": 0.9,
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?h=wlan-cld3.driver.lnx.1.1.r41-rel\u0026id=a01623699ad76fc6947483b063727f417d526df7"
},
{
"trust": 0.9,
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=d056949890ebd0ab90b284c34886e51a6c1e1515"
},
{
"trust": 0.9,
"url": "http://www.qualcomm.com/"
},
{
"trust": 0.9,
"url": "https://source.android.com/security/bulletin/2019-06-01.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2292"
},
{
"trust": 0.7,
"url": "https://www.securityfocus.com/bid/108555"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-june-2019-29461"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153727"
},
{
"db": "VULMON",
"id": "CVE-2019-2292"
},
{
"db": "BID",
"id": "108555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-082"
},
{
"db": "NVD",
"id": "CVE-2019-2292"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153727"
},
{
"db": "VULMON",
"id": "CVE-2019-2292"
},
{
"db": "BID",
"id": "108555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-082"
},
{
"db": "NVD",
"id": "CVE-2019-2292"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-153727"
},
{
"date": "2019-07-22T00:00:00",
"db": "VULMON",
"id": "CVE-2019-2292"
},
{
"date": "2019-06-03T00:00:00",
"db": "BID",
"id": "108555"
},
{
"date": "2019-07-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"date": "2019-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-082"
},
{
"date": "2019-07-22T14:15:12.973000",
"db": "NVD",
"id": "CVE-2019-2292"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-153727"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-2292"
},
{
"date": "2019-06-03T00:00:00",
"db": "BID",
"id": "108555"
},
{
"date": "2019-07-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006573"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-082"
},
{
"date": "2024-11-21T04:40:38.020000",
"db": "NVD",
"id": "CVE-2019-2292"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-082"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006573"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-082"
}
],
"trust": 0.6
}
}
VAR-201906-0811
Vulnerability from variot - Updated: 2025-01-30 19:52Failure to initialize the reserved memory which is sent to the firmware might lead to exposure of 1 byte of uninitialized kernel SKB memory to FW in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an information disclosure vulnerability.Information may be obtained. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX20 is a modem. WLAN is one of the wireless local area network components. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components. The following products and versions are affected: Qualcomm IPQ4019; IPQ8064; IPQ8074; MDM9150; MDM9206; MDM9607; MDM9640; MDM9650; SD 675; SD 712; SD 710; SD 670; SD 730; SD 820A; SD 835; SD 845; SD 850; SD 855; SDA660;
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0811",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 675",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 730",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq4019",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8064",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"db": "NVD",
"id": "CVE-2018-11942"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
}
]
},
"cve": "CVE-2018-11942",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2018-11942",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-121852",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-11942",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-11942",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-11942",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-607",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-121852",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121852"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-607"
},
{
"db": "NVD",
"id": "CVE-2018-11942"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to initialize the reserved memory which is sent to the firmware might lead to exposure of 1 byte of uninitialized kernel SKB memory to FW in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an information disclosure vulnerability.Information may be obtained. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX20 is a modem. WLAN is one of the wireless local area network components. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components. The following products and versions are affected: Qualcomm IPQ4019; IPQ8064; IPQ8074; MDM9150; MDM9206; MDM9607; MDM9640; MDM9650; SD 675; SD 712; SD 710; SD 670; SD 730; SD 820A; SD 835; SD 845; SD 850; SD 855; SDA660;",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11942"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"db": "VULHUB",
"id": "VHN-121852"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11942",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015660",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-607",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-121852",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121852"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-607"
},
{
"db": "NVD",
"id": "CVE-2018-11942"
}
]
},
"id": "VAR-201906-0811",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121852"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T19:52:55.521000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "May 2019 Code Aurora Security Bulletin (CVE-2018-11942)",
"trust": 0.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin"
},
{
"title": "Multiple Qualcomm product WLAN Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93824"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-607"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121852"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"db": "NVD",
"id": "CVE-2018-11942"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11942"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11942"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121852"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-607"
},
{
"db": "NVD",
"id": "CVE-2018-11942"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121852"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-607"
},
{
"db": "NVD",
"id": "CVE-2018-11942"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-121852"
},
{
"date": "2019-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"date": "2019-06-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-607"
},
{
"date": "2019-06-14T17:29:00.470000",
"db": "NVD",
"id": "CVE-2018-11942"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-18T00:00:00",
"db": "VULHUB",
"id": "VHN-121852"
},
{
"date": "2019-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015660"
},
{
"date": "2019-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-607"
},
{
"date": "2024-11-21T03:44:17.883000",
"db": "NVD",
"id": "CVE-2018-11942"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-607"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Information disclosure vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015660"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-607"
}
],
"trust": 0.6
}
}
VAR-201911-1671
Vulnerability from variot - Updated: 2025-01-30 19:51Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-1671",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sd 632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 8cx",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 675",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "snapdragon high med 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 730",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 665",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "215",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
},
{
"db": "NVD",
"id": "CVE-2019-10496"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
}
]
},
"cve": "CVE-2019-10496",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10496",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-10496",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10496",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10496",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-10496",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-172",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-172"
},
{
"db": "NVD",
"id": "CVE-2019-10496"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10496"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10496",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011554",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-172",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-172"
},
{
"db": "NVD",
"id": "CVE-2019-10496"
}
]
},
"id": "VAR-201911-1671",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T19:51:43.468000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831",
"trust": 0.8,
"url": "https://source.android.com/security/bulletin/"
},
{
"title": "Multiple Qualcomm Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97934"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
},
{
"db": "NVD",
"id": "CVE-2019-10496"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://source.android.com/security/bulletin/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10496"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10496"
},
{
"trust": 0.6,
"url": "https://source.android.com/security/bulletin/2019-09-01"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
},
{
"trust": 0.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2019-bulletin"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-172"
},
{
"db": "NVD",
"id": "CVE-2019-10496"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-172"
},
{
"db": "NVD",
"id": "CVE-2019-10496"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011554"
},
{
"date": "2019-09-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-172"
},
{
"date": "2019-11-06T17:15:11.910000",
"db": "NVD",
"id": "CVE-2019-10496"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011554"
},
{
"date": "2019-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-172"
},
{
"date": "2024-11-21T04:19:16.847000",
"db": "NVD",
"id": "CVE-2019-10496"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-172"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Classic buffer overflow vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011554"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-172"
}
],
"trust": 0.6
}
}
VAR-201907-0241
Vulnerability from variot - Updated: 2025-01-30 19:40Out of bound read and information disclosure in firmware due to insufficient checking of an embedded structure that can be sent from a kernel driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a buffer error vulnerability.Information may be obtained. Qualcomm MSM8996AU is a central processing unit (CPU) product of Qualcomm (Qualcomm). An attacker could exploit this vulnerability to disclose information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0241",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sd 632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 8cx",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 675",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "snapdragon high med 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 730",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 665",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "215",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"db": "NVD",
"id": "CVE-2019-2343"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martijn Bogaard",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-1335"
}
],
"trust": 0.6
},
"cve": "CVE-2019-2343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-2343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-153778",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-2343",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-2343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-2343",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-1335",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-153778",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153778"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1335"
},
{
"db": "NVD",
"id": "CVE-2019-2343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out of bound read and information disclosure in firmware due to insufficient checking of an embedded structure that can be sent from a kernel driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a buffer error vulnerability.Information may be obtained. Qualcomm MSM8996AU is a central processing unit (CPU) product of Qualcomm (Qualcomm). An attacker could exploit this vulnerability to disclose information",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-2343"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"db": "VULHUB",
"id": "VHN-153778"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-2343",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007033",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1335",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-153778",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153778"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1335"
},
{
"db": "NVD",
"id": "CVE-2019-2343"
}
]
},
"id": "VAR-201907-0241",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153778"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T19:40:58.920000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "July 2019 Qualcomm Technologies, Inc. Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95482"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1335"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153778"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"db": "NVD",
"id": "CVE-2019-2343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2343"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2343"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153778"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1335"
},
{
"db": "NVD",
"id": "CVE-2019-2343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-153778"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1335"
},
{
"db": "NVD",
"id": "CVE-2019-2343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-25T00:00:00",
"db": "VULHUB",
"id": "VHN-153778"
},
{
"date": "2019-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"date": "2019-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-1335"
},
{
"date": "2019-07-25T17:15:14.113000",
"db": "NVD",
"id": "CVE-2019-2343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-153778"
},
{
"date": "2019-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007033"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-1335"
},
{
"date": "2024-11-21T04:40:45.350000",
"db": "NVD",
"id": "CVE-2019-2343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-1335"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007033"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-1335"
}
],
"trust": 0.6
}
}
VAR-201906-0996
Vulnerability from variot - Updated: 2025-01-30 19:29Out of bounds read occurs due to improper validation of array while processing VDEV stop response from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. WLAN is one of the wireless local area network components. An input validation error vulnerability exists in WLAN in several Qualcomm products. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Qualcomm MDM9206; MDM9607; MDM9640; MDM9650; MSM8996AU; QCS405; QCS605; SD 210; SD 212; SD 205; SD 675; SD 712; SD 710; SD 670; SD 730; SD 820A; SD 835; SD 855; SDA660; SDM630; SDM660; SDX20; SDX24
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0996",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 415",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 652",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 675",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 730",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 615",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 616",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"db": "NVD",
"id": "CVE-2018-5903"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
}
]
},
"cve": "CVE-2018-5903",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-5903",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-135935",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-5903",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-5903",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-5903",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-615",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-135935",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-5903",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135935"
},
{
"db": "VULMON",
"id": "CVE-2018-5903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-615"
},
{
"db": "NVD",
"id": "CVE-2018-5903"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out of bounds read occurs due to improper validation of array while processing VDEV stop response from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. WLAN is one of the wireless local area network components. An input validation error vulnerability exists in WLAN in several Qualcomm products. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Qualcomm MDM9206; MDM9607; MDM9640; MDM9650; MSM8996AU; QCS405; QCS605; SD 210; SD 212; SD 205; SD 675; SD 712; SD 710; SD 670; SD 730; SD 820A; SD 835; SD 855; SDA660; SDM630; SDM660; SDX20; SDX24",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"db": "VULHUB",
"id": "VHN-135935"
},
{
"db": "VULMON",
"id": "CVE-2018-5903"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5903",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015622",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-615",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-135935",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5903",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-135935"
},
{
"db": "VULMON",
"id": "CVE-2018-5903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-615"
},
{
"db": "NVD",
"id": "CVE-2018-5903"
}
]
},
"id": "VAR-201906-0996",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-135935"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"other device",
"embedded device"
],
"sub_category": "SoC",
"trust": 0.1
},
{
"category": [
"other device",
"embedded device"
],
"sub_category": "general",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T19:29:42.276000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "May 2019 Code Aurora Security Bulletin",
"trust": 0.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin"
},
{
"title": "Multiple Qualcomm product WLAN Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93831"
},
{
"title": "SamsungReleaseNotes",
"trust": 0.1,
"url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-5903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-615"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-129",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135935"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"db": "NVD",
"id": "CVE-2018-5903"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5903"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5903"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/129.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/samreleasenotes/samsungreleasenotes"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-135935"
},
{
"db": "VULMON",
"id": "CVE-2018-5903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-615"
},
{
"db": "NVD",
"id": "CVE-2018-5903"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-135935"
},
{
"db": "VULMON",
"id": "CVE-2018-5903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-615"
},
{
"db": "NVD",
"id": "CVE-2018-5903"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-135935"
},
{
"date": "2019-06-14T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5903"
},
{
"date": "2019-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"date": "2019-06-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-615"
},
{
"date": "2019-06-14T17:29:01.173000",
"db": "NVD",
"id": "CVE-2018-5903"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-17T00:00:00",
"db": "VULHUB",
"id": "VHN-135935"
},
{
"date": "2019-06-17T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5903"
},
{
"date": "2019-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015622"
},
{
"date": "2019-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-615"
},
{
"date": "2024-11-21T04:09:40.197000",
"db": "NVD",
"id": "CVE-2018-5903"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-615"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Vulnerability related to array index verification in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015622"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-615"
}
],
"trust": 0.6
}
}
VAR-201907-0629
Vulnerability from variot - Updated: 2024-11-23 23:11Possible buffer overflow when number of channels passed is more than size of channel mapping array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX20 is a modem. A buffer error vulnerability exists in the audio drivers in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0629",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 425",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 675",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 730",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 615",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 616",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 665",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 712",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 415",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 820",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 600",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 855",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 430",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "215",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"db": "NVD",
"id": "CVE-2019-2328"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
}
]
},
"cve": "CVE-2019-2328",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-2328",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-153763",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-2328",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-2328",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-2328",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-069",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-153763",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153763"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-069"
},
{
"db": "NVD",
"id": "CVE-2019-2328"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Possible buffer overflow when number of channels passed is more than size of channel mapping array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX20 is a modem. A buffer error vulnerability exists in the audio drivers in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-2328"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"db": "VULHUB",
"id": "VHN-153763"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-2328",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007228",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-069",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-153763",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153763"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-069"
},
{
"db": "NVD",
"id": "CVE-2019-2328"
}
]
},
"id": "VAR-201907-0629",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-153763"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:11:47.080000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "July 2019 Code Aurora Security Bulletin",
"trust": 0.8,
"url": "https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin"
},
{
"title": "Android Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94303"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-069"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153763"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"db": "NVD",
"id": "CVE-2019-2328"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2328"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2328"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-july-2019-29673"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-153763"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-069"
},
{
"db": "NVD",
"id": "CVE-2019-2328"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-153763"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-069"
},
{
"db": "NVD",
"id": "CVE-2019-2328"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-25T00:00:00",
"db": "VULHUB",
"id": "VHN-153763"
},
{
"date": "2019-08-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"date": "2019-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-069"
},
{
"date": "2019-07-25T17:15:13.927000",
"db": "NVD",
"id": "CVE-2019-2328"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-153763"
},
{
"date": "2019-08-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007228"
},
{
"date": "2019-08-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-069"
},
{
"date": "2024-11-21T04:40:43.323000",
"db": "NVD",
"id": "CVE-2019-2328"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-069"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007228"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-069"
}
],
"trust": 0.6
}
}
VAR-201912-1729
Vulnerability from variot - Updated: 2024-11-23 23:11Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDX20, SDX55, SXR1130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and so on are the products of American Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX20 is a modem. WLAN is one of the wireless LAN components.
The WLAN in multiple Qualcomm products has a buffer overflow vulnerability. This vulnerability is caused by network systems or products that do not correctly verify data boundaries when performing operations on memory, resulting in incorrect read and write operations to other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1729",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9379",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca9377",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9207c",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6174a",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9607"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9650"
},
{
"model": "msm 8996au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "605"
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "630"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "20"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9206"
},
{
"model": "qca 6574au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca 6174a",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9377"
},
{
"model": "qca",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9379"
},
{
"model": "sxr",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "1130"
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "845"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "636"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8017"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8053"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8009"
},
{
"model": "apq 8096au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "55"
},
{
"model": "mdm 9207c",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "7605"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03575"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"db": "NVD",
"id": "CVE-2019-10557"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:qca6174a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
}
]
},
"cve": "CVE-2019-10557",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10557",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-03575",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10557",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10557",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10557",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-10557",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-03575",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-099",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03575"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-099"
},
{
"db": "NVD",
"id": "CVE-2019-10557"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDX20, SDX55, SXR1130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and so on are the products of American Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX20 is a modem. WLAN is one of the wireless LAN components. \n\r\n\r\nThe WLAN in multiple Qualcomm products has a buffer overflow vulnerability. This vulnerability is caused by network systems or products that do not correctly verify data boundaries when performing operations on memory, resulting in incorrect read and write operations to other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10557"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"db": "CNVD",
"id": "CNVD-2020-03575"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10557",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013388",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03575",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-099",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03575"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-099"
},
{
"db": "NVD",
"id": "CVE-2019-10557"
}
]
},
"id": "VAR-201912-1729",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03575"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03575"
}
]
},
"last_update_date": "2024-11-23T23:11:36.065000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"title": "Patch for Multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2020-03575)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/198871"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105731"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03575"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-099"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"db": "NVD",
"id": "CVE-2019-10557"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10557"
},
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10557"
},
{
"trust": 0.6,
"url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03575"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-099"
},
{
"db": "NVD",
"id": "CVE-2019-10557"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-03575"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-099"
},
{
"db": "NVD",
"id": "CVE-2019-10557"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03575"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"date": "2019-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-099"
},
{
"date": "2019-12-18T06:15:12.097000",
"db": "NVD",
"id": "CVE-2019-10557"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03575"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013388"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-099"
},
{
"date": "2024-11-21T04:19:26.937000",
"db": "NVD",
"id": "CVE-2019-10557"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-099"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Product out-of-bounds vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013388"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-099"
}
],
"trust": 0.6
}
}
VAR-202001-1493
Vulnerability from variot - Updated: 2024-11-23 23:11While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Qualcomm MSM8996AU, etc. are all a central processing unit (CPU) product of Qualcomm.
HLOS Data in many Qualcomm products has a resource management error vulnerability. Local attackers can use this vulnerability to execute arbitrary code or cause a denial of service by sending a specially crafted request
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-1493",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8909w",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca6574au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-41778"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"db": "NVD",
"id": "CVE-2019-10548"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8905_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8909_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8917_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8920_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8937_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:msm8939_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
}
]
},
"cve": "CVE-2019-10548",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10548",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-41778",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-10548",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10548",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10548",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-10548",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-41778",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202001-207",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-10548",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-41778"
},
{
"db": "VULMON",
"id": "CVE-2019-10548"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-207"
},
{
"db": "NVD",
"id": "CVE-2019-10548"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Qualcomm MSM8996AU, etc. are all a central processing unit (CPU) product of Qualcomm. \n\r\n\r\nHLOS Data in many Qualcomm products has a resource management error vulnerability. Local attackers can use this vulnerability to execute arbitrary code or cause a denial of service by sending a specially crafted request",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10548"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"db": "CNVD",
"id": "CNVD-2020-41778"
},
{
"db": "VULMON",
"id": "CVE-2019-10548"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10548",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014198",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-41778",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202001-207",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-10548",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-41778"
},
{
"db": "VULMON",
"id": "CVE-2019-10548"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-207"
},
{
"db": "NVD",
"id": "CVE-2019-10548"
}
]
},
"id": "VAR-202001-1493",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-41778"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-41778"
}
]
},
"last_update_date": "2024-11-23T23:11:35.031000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "January 2020 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin"
},
{
"title": "Patch for Resource management error vulnerabilities in multiple Qualcomm products (CNVD-2020-41778)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/226747"
},
{
"title": "Multiple Qualcomm Product resource management error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108335"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-41778"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-207"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"db": "NVD",
"id": "CVE-2019-10548"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10548"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10548"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-january-2020-31267"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-41778"
},
{
"db": "VULMON",
"id": "CVE-2019-10548"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-207"
},
{
"db": "NVD",
"id": "CVE-2019-10548"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-41778"
},
{
"db": "VULMON",
"id": "CVE-2019-10548"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-207"
},
{
"db": "NVD",
"id": "CVE-2019-10548"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-41778"
},
{
"date": "2020-01-21T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10548"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"date": "2020-01-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-207"
},
{
"date": "2020-01-21T07:15:11.353000",
"db": "NVD",
"id": "CVE-2019-10548"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-41778"
},
{
"date": "2020-01-23T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10548"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014198"
},
{
"date": "2020-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-207"
},
{
"date": "2024-11-21T04:19:25.520000",
"db": "NVD",
"id": "CVE-2019-10548"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-207"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Products use free memory vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014198"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-207"
}
],
"trust": 0.6
}
}
VAR-202003-1265
Vulnerability from variot - Updated: 2024-11-23 23:11Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. SDA660 is a central processing unit (CPU) product.
The Data Modem in many Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the wrong read and write operations to other associated memory locations. , An attacker can use this vulnerability to cause a buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1265",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mdm9206",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9205",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9645",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9655",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcm2150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9635m",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9625",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9635m",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9645",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9655",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcm2150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"db": "NVD",
"id": "CVE-2019-10586"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
}
]
},
"cve": "CVE-2019-10586",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10586",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2019-014809",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-20198",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10586",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-014809",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10586",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2019-014809",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-20198",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-129",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-129"
},
{
"db": "NVD",
"id": "CVE-2019-10586"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. SDA660 is a central processing unit (CPU) product. \n\r\n\r\nThe Data Modem in many Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the wrong read and write operations to other associated memory locations. , An attacker can use this vulnerability to cause a buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10586"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"db": "CNVD",
"id": "CNVD-2020-20198"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10586",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014809",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-20198",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-129",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-129"
},
{
"db": "NVD",
"id": "CVE-2019-10586"
}
]
},
"id": "VAR-202003-1265",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20198"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20198"
}
]
},
"last_update_date": "2024-11-23T23:11:32.409000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "March 2020 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
},
{
"title": "Patch for Multiple Qualcomm products Data Modem buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/211545"
},
{
"title": "Multiple Qualcomm product Data Modem Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111590"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-129"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"db": "NVD",
"id": "CVE-2019-10586"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10586"
},
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10586"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2020-31720"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-129"
},
{
"db": "NVD",
"id": "CVE-2019-10586"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-20198"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-129"
},
{
"db": "NVD",
"id": "CVE-2019-10586"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-20198"
},
{
"date": "2020-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"date": "2020-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-129"
},
{
"date": "2020-03-05T09:15:15.923000",
"db": "NVD",
"id": "CVE-2019-10586"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-20198"
},
{
"date": "2020-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014809"
},
{
"date": "2020-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-129"
},
{
"date": "2024-11-21T04:19:30.760000",
"db": "NVD",
"id": "CVE-2019-10586"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-129"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014809"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-129"
}
],
"trust": 0.6
}
}
VAR-201901-0454
Vulnerability from variot - Updated: 2024-11-23 23:08While processing a packet decode request in MQTT, Race condition can occur leading to an out-of-bounds access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. snapdragon mobile and snapdragon wear Contains a race condition vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A race condition vulnerability exists in several Qualcomm snapdragon products. Attackers can exploit this vulnerability to cause cross-border access
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-0454",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "snapdragon high med 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 205",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 210",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 212",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 427",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 435",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 450",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 625",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "sd 835",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"db": "NVD",
"id": "CVE-2018-11998"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
}
]
},
"cve": "CVE-2018-11998",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.5,
"id": "CVE-2018-11998",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.5,
"id": "VHN-121913",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2018-11998",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-11998",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-11998",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-756",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121913",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121913"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-756"
},
{
"db": "NVD",
"id": "CVE-2018-11998"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "While processing a packet decode request in MQTT, Race condition can occur leading to an out-of-bounds access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. snapdragon mobile and snapdragon wear Contains a race condition vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A race condition vulnerability exists in several Qualcomm snapdragon products. Attackers can exploit this vulnerability to cause cross-border access",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11998"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"db": "VULHUB",
"id": "VHN-121913"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11998",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013790",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-756",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-121913",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121913"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-756"
},
{
"db": "NVD",
"id": "CVE-2018-11998"
}
]
},
"id": "VAR-201901-0454",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-121913"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:08:28.276000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2018 Qualcomm Technologies, Inc. Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"title": "Multiple Qualcomm snapdragon Repair measures for product competition conditions",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88858"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-756"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121913"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"db": "NVD",
"id": "CVE-2018-11998"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11998"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11998"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121913"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-756"
},
{
"db": "NVD",
"id": "CVE-2018-11998"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-121913"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-756"
},
{
"db": "NVD",
"id": "CVE-2018-11998"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-18T00:00:00",
"db": "VULHUB",
"id": "VHN-121913"
},
{
"date": "2019-03-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"date": "2019-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-756"
},
{
"date": "2019-01-18T22:29:00.567000",
"db": "NVD",
"id": "CVE-2018-11998"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-24T00:00:00",
"db": "VULHUB",
"id": "VHN-121913"
},
{
"date": "2019-03-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013790"
},
{
"date": "2019-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-756"
},
{
"date": "2024-11-21T03:44:23.450000",
"db": "NVD",
"id": "CVE-2018-11998"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-756"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "snapdragon mobile and snapdragon wear Race condition vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013790"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competitive condition",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-756"
}
],
"trust": 0.6
}
}
VAR-202003-1267
Vulnerability from variot - Updated: 2024-11-23 23:08Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. MSM8917 is a central processing unit (CPU) product.
The Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the execution of the wrong memory location. For read and write operations, an attacker can use this vulnerability to cause a buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1267",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "apq8009",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9205",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9645",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9655",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcm2150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9635m",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9625",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9645",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9655",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9635m",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcm2150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20195"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"db": "NVD",
"id": "CVE-2019-10554"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
}
]
},
"cve": "CVE-2019-10554",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10554",
"impactScore": 9.2,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.4,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2019-014821",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-20195",
"impactScore": 9.2,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10554",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-014821",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10554",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2019-014821",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-20195",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-135",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20195"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-135"
},
{
"db": "NVD",
"id": "CVE-2019-10554"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. MSM8917 is a central processing unit (CPU) product. \n\r\n\r\nThe Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the execution of the wrong memory location. For read and write operations, an attacker can use this vulnerability to cause a buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10554"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"db": "CNVD",
"id": "CNVD-2020-20195"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10554",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014821",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-20195",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-135",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20195"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-135"
},
{
"db": "NVD",
"id": "CVE-2019-10554"
}
]
},
"id": "VAR-202003-1267",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20195"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20195"
}
]
},
"last_update_date": "2024-11-23T23:08:04.260000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "March 2020 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
},
{
"title": "Patch for Multiple Qualcomm product buffer overflow vulnerabilities (CNVD-2020-20195)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/211587"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111594"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20195"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-135"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"db": "NVD",
"id": "CVE-2019-10554"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10554"
},
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10554"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2020-31720"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20195"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-135"
},
{
"db": "NVD",
"id": "CVE-2019-10554"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-20195"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-135"
},
{
"db": "NVD",
"id": "CVE-2019-10554"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-20195"
},
{
"date": "2020-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"date": "2020-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-135"
},
{
"date": "2020-03-05T09:15:15.733000",
"db": "NVD",
"id": "CVE-2019-10554"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-20195"
},
{
"date": "2020-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014821"
},
{
"date": "2020-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-135"
},
{
"date": "2024-11-21T04:19:26.453000",
"db": "NVD",
"id": "CVE-2019-10554"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-135"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Out-of-bounds read vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014821"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-135"
}
],
"trust": 0.6
}
}
VAR-202009-1283
Vulnerability from variot - Updated: 2024-11-23 23:07u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a buffer error vulnerability.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-1283",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs405",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "kamorta",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8250",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs610",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr2130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9645",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "ipq8074",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9655",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qca8081",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs404",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcm2150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "saipan",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa415m",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "bitra",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sa6155p",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcn7605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc7180",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
},
{
"model": "bitra",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
},
{
"model": "kamorta",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.8,
"vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010700"
},
{
"db": "NVD",
"id": "CVE-2020-3621"
}
]
},
"cve": "CVE-2020-3621",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3621",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-3621",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-3621",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-3621",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-3621",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202008-074",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010700"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-074"
},
{
"db": "NVD",
"id": "CVE-2020-3621"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "u\u0027Lack of check to ensure that the TX read index \u0026 RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a buffer error vulnerability.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3621"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010700"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3621",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010700",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202008-074",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010700"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-074"
},
{
"db": "NVD",
"id": "CVE-2020-3621"
}
]
},
"id": "VAR-202009-1283",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2491935133333333
},
"last_update_date": "2024-11-23T23:07:49.152000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "August\u00a02020\u00a0Security\u00a0Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin"
},
{
"title": "Multiple Qualcomm Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125407"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010700"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-074"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010700"
},
{
"db": "NVD",
"id": "CVE-2020-3621"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin"
},
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3621"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-september-2020-33285"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010700"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-074"
},
{
"db": "NVD",
"id": "CVE-2020-3621"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010700"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-074"
},
{
"db": "NVD",
"id": "CVE-2020-3621"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-010700"
},
{
"date": "2020-08-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-074"
},
{
"date": "2020-09-08T10:15:15.107000",
"db": "NVD",
"id": "CVE-2020-3621"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-02-01T08:35:00",
"db": "JVNDB",
"id": "JVNDB-2020-010700"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-074"
},
{
"date": "2024-11-21T05:31:25.493000",
"db": "NVD",
"id": "CVE-2020-3621"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-074"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Snapdragon\u00a0 Buffer error vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010700"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-074"
}
],
"trust": 0.6
}
}