Latest CVE Feed
-
7.5
HIGHCVE-2018-12015
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.... Read more
Affected Products : ubuntu_linux debian_linux data_ontap_edge oncommand_workflow_automation mac_os_x snapdrive snap_creator_framework perl \- Published: Jun. 07, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-12014
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Null pointer dereference vulnerability may occur due to missing NULL assignment in NAT module of freed pointer.... Read more
Affected Products : android- Published: Feb. 11, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-12013
Improper authentication in locked memory region can lead to unprivilged access to the memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd... Read more
Affected Products : sd_8cx_firmware sdm660_firmware sd_835_firmware qcs605_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd_636_firmware mdm9655_firmware +40 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-12012
While updating blacklisting region shared buffered memory region is not validated against newly updated black list, causing boot-up to be compromised in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer... Read more
Affected Products : sd_8cx_firmware sd_835_firmware qcs605_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware mdm9655_firmware sd_410_firmware sd_412_firmware sd_210_firmware +32 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-12011
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Uninitialized data for socket address leads to information exposure.... Read more
Affected Products : android- Published: Feb. 11, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-12010
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Absence of length sanity check may lead to possible stack overflow resulting in memory corruption in trustzone region.... Read more
Affected Products : android- Published: Feb. 11, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-12006
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Users with no extra privileges can potentially access leaked data due to uninitialized padding present in display function.... Read more
Affected Products : android- Published: Feb. 11, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-12005
An unprivileged user can issue a binder call and cause a system halt in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820a_firmware sd_835_firmware mdm9150_firmware qcs605_firmware sd_675_firmware sdx24_firmware +60 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-12004
Secure keypad is unlocked with secure display still intact in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We... Read more
Affected Products : sd_8cx_firmware sdm660_firmware sd_835_firmware qcs605_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd_636_firmware mdm9655_firmware +40 more products- Published: May. 24, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-11999
Improper input validation in trustzone can lead to denial of service in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 820, SD 8... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd_820_firmware sd_820a_firmware sd_835_firmware sdx24_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware mdm9635m_firmware +32 more products- Published: Jan. 18, 2019
- Modified: Nov. 21, 2024
-
7.9
HIGHCVE-2018-11998
While processing a packet decode request in MQTT, Race condition can occur leading to an out-of-bounds access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA6... Read more
Affected Products : android sdm660_firmware sd_450_firmware sd_625_firmware sd_835_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd_636_firmware sdm630_firmware +21 more products- Published: Jan. 18, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11996
When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600,... Read more
Affected Products : msm8996au_firmware sd_820_firmware sd_820a_firmware sd_835_firmware sdx24_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware mdm9607_firmware +22 more products- Published: Nov. 28, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11995
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper termination in the META image.... Read more
Affected Products : android- Published: Nov. 27, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11994
SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, ... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware sdx24_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware +30 more products- Published: Nov. 28, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-11993
Improper check while accessing the local memory stack on MQTT connection request can lead to buffer overflow in snapdragon wear in versions MDM9206, MDM9607... Read more
- Published: Jan. 18, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11988
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Un-trusted pointer de-reference issue by accessing a variable which is already freed.... Read more
Affected Products : android- Published: Dec. 20, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11987
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic.... Read more
Affected Products : android- Published: Dec. 20, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11986
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP d... Read more
Affected Products : android- Published: Dec. 20, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11985
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user supplied size, Possible heap overflow vulnerability due to integer overflow in roundup to native pointer.... Read more
Affected Products : android- Published: Dec. 20, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11984
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition and an out-of-bounds access can occur in the DIAG driver.... Read more
Affected Products : android- Published: Dec. 20, 2018
- Modified: Nov. 21, 2024