Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sd_400_firmware
(Qualcomm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 164 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-04-18 | CVE-2015-9166 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, DRM provisioning mechanisms used in QSEE applications have a feature to prevent further provisioning. This is done by creating an SFS file... | Ipq4019_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 7.5 | ||
| 2018-04-18 | CVE-2015-9165 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, incorrect error handling could lead to a double free in QTEE file service API. | Ipq4019_firmware, Mdm9206_firmware, Mdm9607_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_650_firmware, Sd_652_firmware, Sd_808_firmware, Sd_810_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9164 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, a buffer overread in Playready may occur due to lack of input validation of the buffer size provided by HLOS. | Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9163 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a PlayReady function, information exposure can occur. | Mdm9206_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 7.5 | ||
| 2018-04-18 | CVE-2015-9161 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, TOCTOU condition could lead to a buffer overflow in function playready_reader_bind(). | Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware, Sdx20_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9160 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, integer overflow may occur when values passed from HLOS (graphics driver busy time, and total time) in TZBSP_GFX_DCVS_UPDATE_ID are very large. | Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9159 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation OEMCrypto_GetRandom can cause potential buffer overflow. | Mdm9206_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9158 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a QTEE crypto function, a buffer overflow can occur. | Mdm9206_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9157 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in widevine_dash_cmd_handler(), rsp buffers are passed off to widevine commands. These rsp buffers have values in them, such as buffer lengths, that need to be validated to ensure that no buffer overflow/over-reads... | Ipq4019_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9625_firmware, Mdm9635m_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9156 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 800, SD 808, and SD 810, when making a high speed Dual Carrier Downlink Data call in a multicell environment, a buffer overflow may occur. | Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware | 9.8 |