Latest CVE Feed
-
9.8
CRITICALCVE-2018-13898
Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150... Read more
Affected Products : sd_8cx_firmware sdm660_firmware sd_450_firmware sd_625_firmware sd_835_firmware mdm9150_firmware qcs605_firmware sd_675_firmware sdx24_firmware mdm9650_firmware +70 more products- Published: Jun. 14, 2019
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2018-13897
Clients hostname gets added to DNS record on device which is running dnsmasq resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdrago... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware qcs605_firmware sd_675_firmware mdm9650_firmware msm8909w_firmware +48 more products- Published: Jul. 25, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13896
XBL_SEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBL_SEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connec... Read more
Affected Products : sd_8cx_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware qcs605_firmware mdm9650_firmware +62 more products- Published: Jul. 22, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13895
Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indus... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware qcs605_firmware mdm9650_firmware +64 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13893
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Out of bound mask range access caused by using possible old value of msg mask table count while copying masks to userspace.... Read more
Affected Products : android- Published: Feb. 11, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13889
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Heap memory was accessed after it was freed... Read more
Affected Products : android- Published: Feb. 11, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13888
There is potential for memory corruption in the RIL daemon due to de reference of memory outside the allocated array length in RIL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in versions ... Read more
Affected Products : sdm660_firmware sd_450_firmware sd_625_firmware sd_820a_firmware sd_835_firmware sd_675_firmware mdm9650_firmware msm8909w_firmware mdm9206_firmware mdm9607_firmware +54 more products- Published: Feb. 11, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2018-13887
Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650... Read more
Affected Products : sdm660_firmware sd_450_firmware sd_625_firmware sd_835_firmware mdm9150_firmware qcs605_firmware sd_675_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware +64 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2018-13886
Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware qcs605_firmware sd_675_firmware +90 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-13885
Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, ... Read more
Affected Products : sdm660_firmware sd_450_firmware sd_625_firmware sd_835_firmware mdm9150_firmware qcs605_firmware sd_675_firmware mdm9650_firmware sdx20_firmware mdm9206_firmware +64 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-13879
A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the at... Read more
Affected Products : rocket.chat- Published: Jul. 11, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2018-13878
An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. The real name of a username is displayed unescaped when the user is mentioned (using the @ symbol) in a channel or private chat. Consequently, it is possib... Read more
Affected Products : rocket.chat- Published: Jul. 11, 2018
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2018-13877
The doPayouts() function of the smart contract implementation for MegaCryptoPolis, an Ethereum game, has a Denial of Service vulnerability. If a smart contract that has a fallback function always causing exceptions buys a land, users cannot buy lands near... Read more
Affected Products : megacryptopolis- Published: Aug. 06, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-13876
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread.... Read more
Affected Products : hdf5- Published: Jul. 10, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13875
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5VM_memcpyvv in H5VM.c.... Read more
Affected Products : hdf5- Published: Jul. 10, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-13874
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset.... Read more
Affected Products : hdf5- Published: Jul. 10, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-13872
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c.... Read more
Affected Products : hdf5- Published: Jul. 10, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-13871
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5FL_blk_malloc in H5FL.c.... Read more
Affected Products : hdf5- Published: Jul. 10, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-13870
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.... Read more
Affected Products : hdf5- Published: Jul. 10, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-13869
An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.... Read more
Affected Products : hdf5- Published: Jul. 10, 2018
- Modified: Nov. 21, 2024