Latest CVE Feed
-
7.8
HIGHCVE-2017-18296
Access control on applications is not applied while accessing SafeSwitch services can lead to improper access in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD ... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware +38 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18295
Possible buffer overflow if input is not null terminated in DSP Service module in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, ... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware +28 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18294
While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, ... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware sdx20_firmware mdm9206_firmware +38 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18293
When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MD... Read more
Affected Products : android sd_450_firmware sd_625_firmware sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd_210_firmware sd_212_firmware +19 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18292
Secure app running in non secure space can restart TZ by calling Widevine app API repeatedly in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/1... Read more
Affected Products : msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware msm8909w_firmware sd_410_firmware sd_412_firmware sd_210_firmware sd_212_firmware +32 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18291
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18290
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18289
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18288
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2017-18287
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter.... Read more
Affected Products : stats- Published: Jun. 12, 2018
- Modified: Nov. 21, 2024
-
5.4
MEDIUM- Published: Jun. 05, 2018
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2017-18285
The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp directory, which might allow local users to obtain read and write access to arbitrary files by leveraging access to a certain account for a burp-server.conf ch... Read more
- Published: Jun. 04, 2018
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2017-18284
The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root scrip... Read more
- Published: Jun. 04, 2018
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2017-18283
Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660.... Read more
Affected Products : android sd_625_firmware sd_835_firmware qca9379_firmware sda660_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_845_firmware sd_850_firmware +9 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18282
Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.... Read more
Affected Products : android mdm9650_firmware sd210_firmware sd625_firmware sd835_firmware sd205_firmware mdm9206_firmware mdm9607_firmware sda660_firmware sd450_firmware +19 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18281
A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel... Read more
Affected Products : android- Published: Oct. 29, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18280
In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Tr... Read more
Affected Products : msm8996au_firmware msm8909w_firmware sd210_firmware sd625_firmware sd835_firmware sd205_firmware mdm9607_firmware sd820_firmware sd450_firmware sd212_firmware +32 more products- Published: Sep. 20, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18279
Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA95... Read more
Affected Products : ipq8064_firmware qca9886_firmware qca9980_firmware sdm660_firmware msm8996au_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_835_firmware mdm9650_firmware +68 more products- Published: May. 06, 2019
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2017-18278
An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer overflow, in Snapdragon Automobile, Snapdragon Mobile, Sn... Read more
Affected Products : sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware mdm9206_firmware mdm9607_firmware sd_210_firmware sd_212_firmware +24 more products- Published: May. 06, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-18277
When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for memory allocation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MD... Read more
Affected Products : sd_450_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd_835_firmware mdm9650_firmware msm8909w_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware +36 more products- Published: Oct. 23, 2018
- Modified: Nov. 21, 2024