Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mdm9206_firmware
(Qualcomm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 737 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-10-23 | CVE-2017-18294 | While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. | Fsm9055_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sda660_firmware, Sdx20_firmware | 7.8 | ||
| 2018-10-23 | CVE-2017-18293 | When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660. | Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_835_firmware, Sda660_firmware | 7.8 | ||
| 2018-10-23 | CVE-2017-18282 | Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660. | Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd425_firmware, Sd430_firmware, Sd450_firmware, Sd625_firmware, Sd650_firmware, Sd652_firmware, Sd835_firmware, Sda660_firmware | 7.8 | ||
| 2018-10-23 | CVE-2017-18277 | When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for memory allocation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCN5502, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835. | Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8909w_firmware, Qcn5502_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware | 5.5 | ||
| 2019-05-06 | CVE-2017-18276 | Secure camera logic allows display/secure camera controllers to access HLOS memory during secure display or camera session in Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850 | Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 7.8 | ||
| 2019-05-06 | CVE-2017-18275 | A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845. | Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware | 5.5 | ||
| 2019-01-03 | CVE-2017-18141 | When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD... | Ipq8074_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_410_firmware, Sd_412_firmware, Sd_425_firmware, Sd_427_firmware, Sd_429_firmware, Sd_430_firmware, Sd_435_firmware, Sd_439_firmware, Sd_450_firmware, Sd_625_firmware, Sd_632_firmware, Sd_636_firmware, Sd_650_firmware, Sd_652_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sda660_firmware, Sdm439_firmware, Sdm630_firmware, Sdm660_firmware, Sdx24_firmware, Snapdragon_high_med_2016_firmware | 7.8 | ||
| 2018-04-11 | CVE-2017-18130 | In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while playing an ASF file, a buffer over-read can potentially occur. | Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_808_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware | 9.8 | ||
| 2018-04-11 | CVE-2017-18129 | In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains. | Mdm9206_firmware, Mdm9607_firmware, Msm8996_firmware, Msm8998_firmware, Sd_845_firmware | 9.8 | ||
| 2018-04-11 | CVE-2017-18126 | In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the original mac spoofing feature does not use the following in probe request frames: (a)... | Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Qca6174a_firmware, Qca6574_firmware, Qca6574au_firmware, Qca6584_firmware, Qca6584au_firmware, Qca9377_firmware, Qca9379_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_427_firmware, Sd_430_firmware, Sd_435_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_835_firmware, Sd_845_firmware, Sdm630_firmware, Sdm636_firmware, Sdm660_firmware | 7.5 |