Latest CVE Feed
-
6.1
MEDIUMCVE-2018-13983
ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php.... Read more
Affected Products : impresscms- Published: May. 06, 2019
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2018-13982
Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory securit... Read more
- Published: Sep. 18, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-13981
The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but no... Read more
Affected Products : zeta_producer_desktop_cms- Published: Jul. 16, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-13980
The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.... Read more
Affected Products : zeta_producer- Published: Jul. 16, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13927
Debug policy with invalid signature can be loaded when the debug policy functionality is disabled by using the parallel image loading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon... Read more
Affected Products : sd_8cx_firmware sdm660_firmware msm8996au_firmware sd_820_firmware sd_820a_firmware sd_835_firmware qcs605_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware +38 more products- Published: Jul. 22, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2018-13925
Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snap... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware qcs605_firmware mdm9650_firmware msm8909w_firmware +74 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2018-13924
Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdra... Read more
Affected Products : ipq8074_firmware qca8081_firmware sd_8cx_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware +102 more products- Published: Jul. 22, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13920
Use-after-free condition due to Improper handling of hrtimers when the PMU driver tries to access its events in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8... Read more
Affected Products : sdm660_firmware sd_450_firmware sd_625_firmware sd_820a_firmware qcs605_firmware sdx24_firmware mdm9650_firmware msm8909w_firmware mdm9206_firmware mdm9607_firmware +38 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13919
Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Sna... Read more
Affected Products : sdm660_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware qcs605_firmware sd_675_firmware sdx24_firmware mdm9650_firmware +38 more products- Published: Jun. 14, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13918
kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon W... Read more
Affected Products : sd_450_firmware sd_625_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware qcs605_firmware sd_675_firmware sdx24_firmware mdm9650_firmware msm8909w_firmware +40 more products- Published: Apr. 04, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13916
Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon C... Read more
Affected Products : ipq8074_firmware qca8081_firmware sdx55_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware msm8996au_firmware apq8096au_firmware mdm9150_firmware +100 more products- Published: Nov. 21, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13914
Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM965... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware mdm9607_firmware +26 more products- Published: Feb. 25, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13913
Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in versio... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd_625_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware qcs605_firmware sdx24_firmware mdm9650_firmware msm8909w_firmware +72 more products- Published: Feb. 25, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-13912
Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150,... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware qcs605_firmware sdx24_firmware mdm9650_firmware +62 more products- Published: Feb. 25, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2018-13911
Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We... Read more
Affected Products : sd_8cx_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware qcs605_firmware +82 more products- Published: Jun. 14, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13910
Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Vo... Read more
Affected Products : ipq8074_firmware qca8081_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware +40 more products- Published: Jun. 14, 2019
- Modified: Nov. 21, 2024
-
7.0
HIGHCVE-2018-13909
Metadata verification and partial hash system calls by bootloader may corrupt parallel hashing state in progress resulting in unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT... Read more
Affected Products : sd_8cx_firmware sdm660_firmware sd_450_firmware sd_625_firmware qcs605_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd_636_firmware +50 more products- Published: Jun. 14, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-13908
Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon In... Read more
Affected Products : ipq8074_firmware qca8081_firmware sd_8cx_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware +84 more products- Published: Jun. 14, 2019
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2018-13907
While deserializing any key blob during key operations, buffer overflow could occur, exposing partial key information if any key operations are invoked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connec... Read more
Affected Products : ipq8074_firmware qca8081_firmware sd_8cx_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware +94 more products- Published: Jun. 14, 2019
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2018-13906
The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Sn... Read more
Affected Products : ipq8074_firmware qca8081_firmware sd_8cx_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware +94 more products- Published: Jun. 14, 2019
- Modified: Nov. 21, 2024