Latest CVE Feed
-
7.8
HIGHCVE-2017-18308
Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430... Read more
Affected Products : android msm8909w_firmware mdm9607_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_425_firmware sd_430_firmware mdm9607 msm8909w +5 more products- Published: Oct. 26, 2018
- Modified: Nov. 21, 2024
-
7.0
HIGHCVE-2017-18305
XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835.... Read more
Affected Products : android sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sd_210_firmware sd_212_firmware sd_205_firmware mdm9206 mdm9607 +5 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18304
Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware +42 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18303
While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 20... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware +42 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
4.7
MEDIUMCVE-2017-18302
In Snapdragon (Automobile ,Mobile) in version MSM8996AU, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, a crafted HLOS client can modify... Read more
Affected Products : sdm660_firmware msm8996au_firmware sd625_firmware sd835_firmware sda660_firmware sd820_firmware sdm630_firmware sd450_firmware sd425_firmware sd427_firmware +28 more products- Published: Sep. 20, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18301
In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20... Read more
Affected Products : sdm660_firmware sd845_firmware mdm9650_firmware msm8909w_firmware sd625_firmware sd835_firmware sdx20_firmware mdm9607_firmware mdm9640_firmware sd820_firmware +36 more products- Published: Sep. 20, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18300
Secure display content could be accessed by third party trusted application after creating a fault in other trusted applications in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SDA660.... Read more
Affected Products : android sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd_210_firmware sd_212_firmware sd_205_firmware mdm9206 +7 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18299
Improper translation table consolidation logic leads to resource exhaustion and QSEE error in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 62... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware +28 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18298
Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 41... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware +42 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18297
Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820.... Read more
Affected Products : android sd_450_firmware sd_625_firmware sd_820_firmware sd_425_firmware sd_430_firmware sd_650_firmware sd_652_firmware sd_425 sd_430 +5 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18296
Access control on applications is not applied while accessing SafeSwitch services can lead to improper access in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD ... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware +38 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18295
Possible buffer overflow if input is not null terminated in DSP Service module in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, ... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware +28 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18294
While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, ... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware +38 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18293
When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MD... Read more
Affected Products : android sd_450_firmware sd_625_firmware sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd_210_firmware sd_212_firmware +19 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18292
Secure app running in non secure space can restart TZ by calling Widevine app API repeatedly in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/1... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware msm8909w_firmware sd_410_firmware sd_412_firmware sd_210_firmware sd_212_firmware +32 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18291
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18290
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18289
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18288
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18287
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024