{"vulnerability": "cve-2019-1055", "sightings": [{"uuid": "b2b6b65a-47d6-4eef-894b-ae4d47598708", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10557", "type": "seen", "source": "Telegram/hHnUO3JZazxaDFSlcvhpOKOiZt6eEIvuGQrcrKvPgHXG", "content": "", "creation_timestamp": "2019-12-14T01:31:35.000000Z"}, {"uuid": "4cacdda3-7bf7-408d-a6d7-1ea3d9f25b37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10557", "type": "seen", "source": "Telegram/iQUZE2pIByE4vkwExY2sw7tjReCcmi36nOFNFwktNW4", "content": "", "creation_timestamp": "2019-12-13T11:21:12.000000Z"}, {"uuid": "67b21a32-62e5-4c5d-96b7-637dc7d38f9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10558", "type": "seen", "source": "https://t.me/cveNotify/351", "content": "\ud83d\udea8 CVE-2019-10558\nWhile transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2020-01-21T13:37:40.000000Z"}, {"uuid": "834e4b5d-453d-49c7-9247-aee298a01ae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10551", "type": "seen", "source": "https://t.me/cibsecurity/11345", "content": "ATENTION\u203c New - CVE-2019-10551\n\nString error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-16T17:32:09.000000Z"}, {"uuid": "016f38b0-5ee7-41be-9e26-27966f61da5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10556", "type": "seen", "source": "https://t.me/cibsecurity/11341", "content": "ATENTION\u203c New - CVE-2019-10556\n\nMissing length check before copying the data from kernel space to userspace through the copy function can lead to buffer overflow in some cases in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8909W, MSM8917, MSM8953, Nicobar, QCN7605, QCS405, QCS605, QM215, Rennell, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-16T17:02:34.000000Z"}, {"uuid": "ac7700cf-3ea5-4b5a-b36b-fcc693fe88eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10554", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/115926387351405846", "content": "", "creation_timestamp": "2026-01-20T08:04:55.000524Z"}, {"uuid": "0bfb515e-1eb8-4382-9fd0-c83192c3cd59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10553", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/115926387351405846", "content": "", "creation_timestamp": "2026-01-20T08:04:55.086409Z"}, {"uuid": "1f0c715c-9937-45d5-8df0-81b6323e31c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10552", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/115926387351405846", "content": "", "creation_timestamp": "2026-01-20T08:04:55.206545Z"}, {"uuid": "b89bbe4f-9c38-4097-bc6f-db2b8ed0d638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10557", "type": "seen", "source": "https://t.me/indoghostsec/731", "content": "INDONESIAN GHOST SECURITY\n\nBY Gh05t999include\n\n2019 ANDROID BUG\n\n\nYook gas:v\n\n1) This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.\n\n2) Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.\n \n3) The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications.\n\n4) Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.\n\n2019-12-01 security patch level vulnerability details:\n\n\nCVE-2019-2232 A-140632678 DoS Critical 8.0, 8.1, 9, 10\nCVE-2019-9464 A-141028068 [2] [3] [4] EoP High 10\nCVE-2019-2217 A-141003796 EoP High 10\nCVE-2019-2218 A-141169173 EoP High 10\nCVE-2019-2220 A-138636979 [2] ID High 9, 10\nCVE-2019-2221 A-138583650 [2] EoP Moderate 10\n\nIn Kernel Also !!!!\n\nCVE-2018-20961 A-139522588\nUpstream kernel EoP High USB MIDI class function driver\nCVE-2019-15220 A-140329469\nUpstream kernel EoP High Prism54 WiFi USB Driver\nCVE-2019-15239 A-140328996\nUpstream kernel EoP High TCP Stack\n\nIn Qualcomm components\n\nCVE-2019-10557 A-78657016\nQC-CR#2255369\nQC-CR#2259707 N/A High WLAN host\nCVE-2018-11980 A-140423440\nQC-CR#2270117 N/A High WLAN host\nCVE-2019-10480 A-140423811\nQC-CR#2309399 N/A High WLAN host\nCVE-2019-10481 A-140423794\nQC-CR#2304610\nQC-CR#2318632 N/A High WLAN host\nCVE-2019-10536 A-140423334\nQC-CR#2433802 N/A High WLAN host\nCVE-2019-10537 A-140423693\nQC-CR#2436502 N/A High WLAN host\nCVE-2019-10595 A-140423810\nQC-CR#2148184 N/A High WLAN host\nCVE-2019-10598 A-140423155\nQC-CR#2324139 N/A High WLAN host\nCVE-2019-10601 A-140423156\nQC-CR#2428798 N/A High WLAN host\nCVE-2019-10605 A-140424124\nQC-CR#2187441 N/A High WLAN host\nCVE-2019-10607 A-140423690\nQC-CR#2211711 N/A High Security\nCVE-2019-2304 A-123238115\nQC-CR#2331868\nQC-CR#2335530\nQC-CR#2348299\nQC-CR#2203904* N/A High WLAN host", "creation_timestamp": "2019-12-11T03:00:17.000000Z"}, {"uuid": "219bec22-08fa-4a37-938f-ceb479bb7a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10557", "type": "seen", "source": "https://t.me/indoghostsec/751", "content": "INDONESIAN GHOST SECURITY/INDOGHOSTSEC\n\n2019 ANDROID BUG\n\n\nLet's start\n\n1) This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.\n\n2) Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.\n \n3) The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications.\n\n4) Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.\n\n_2019-12-01 security patch level vulnerability details:\n\n\nCVE-2019-2232 A-140632678 DoS Critical 8.0, 8.1, 9, 10\nCVE-2019-9464 A-141028068 [2] [3] [4] EoP High 10\nCVE-2019-2217 A-141003796 EoP High 10\nCVE-2019-2218 A-141169173 EoP High 10\nCVE-2019-2220 A-138636979 [2] ID High 9, 10\nCVE-2019-2221 A-138583650 [2] EoP Moderate 10\n\n_In Kernel Also !!!!\n\nCVE-2018-20961 A-139522588\nUpstream kernel EoP High USB MIDI class function driver\nCVE-2019-15220 A-140329469\nUpstream kernel EoP High Prism54 WiFi USB Driver\nCVE-2019-15239 A-140328996\nUpstream kernel EoP High TCP Stack\n\n_In Qualcomm components\n\nCVE-2019-10557 A-78657016\nQC-CR#2255369\nQC-CR#2259707 N/A High WLAN host\nCVE-2018-11980 A-140423440\nQC-CR#2270117 N/A High WLAN host\nCVE-2019-10480 A-140423811\nQC-CR#2309399 N/A High WLAN host\nCVE-2019-10481 A-140423794\nQC-CR#2304610\nQC-CR#2318632 N/A High WLAN host\nCVE-2019-10536 A-140423334\nQC-CR#2433802 N/A High WLAN host\nCVE-2019-10537 A-140423693\nQC-CR#2436502 N/A High WLAN host\nCVE-2019-10595 A-140423810\nQC-CR#2148184 N/A High WLAN host\nCVE-2019-10598 A-140423155\nQC-CR#2324139 N/A High WLAN host\nCVE-2019-10601 A-140423156\nQC-CR#2428798 N/A High WLAN host\nCVE-2019-10605 A-140424124\nQC-CR#2187441 N/A High WLAN host\nCVE-2019-10607 A-140423690\nQC-CR#2211711 N/A High Security\nCVE-2019-2304 A-123238115\nQC-CR#2331868\nQC-CR#2335530\nQC-CR#2348299\nQC-CR#2203904* N/A High WLAN host \n\n\nBy indoghostsec 4x3ll999gh05t", "creation_timestamp": "2019-12-11T16:24:35.000000Z"}, {"uuid": "13a5ec63-1ced-48f5-aa04-1d092e4a036e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10558", "type": "seen", "source": "https://t.me/cibsecurity/9294", "content": "ATENTION\u203c New - CVE-2019-10558\n\nWhile transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-01-21T13:14:12.000000Z"}, {"uuid": "82bd7c47-8043-40ba-94d4-ebfad08ea238", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10554", "type": "seen", "source": "https://t.me/cibsecurity/10305", "content": "ATENTION\u203c New - CVE-2019-10554\n\nMultiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-05T14:07:06.000000Z"}, {"uuid": "bf2ccaaf-e702-4f95-8b12-9de189a925a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10553", "type": "seen", "source": "https://t.me/cibsecurity/10306", "content": "ATENTION\u203c New - CVE-2019-10553\n\nMultiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-05T14:07:07.000000Z"}, {"uuid": "2ee8b987-772f-400c-8427-b6a232a8d584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10552", "type": "seen", "source": "https://t.me/cibsecurity/10307", "content": "ATENTION\u203c New - CVE-2019-10552\n\nMultiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-05T14:07:08.000000Z"}, {"uuid": "543f4e6e-dd19-4a6d-a34d-7b5c67f34f7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10550", "type": "seen", "source": "https://t.me/cibsecurity/10308", "content": "ATENTION\u203c New - CVE-2019-10550\n\nBuffer Over-read when UE is trying to process the message received form the network without zero termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-05T14:07:09.000000Z"}]}