# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
13351 |
CVE-2018-11876 |
119 |
|
Overflow |
2018-10-29 |
2019-04-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. |
13352 |
CVE-2018-11875 |
119 |
|
Overflow |
2018-10-29 |
2019-04-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850. |
13353 |
CVE-2018-11874 |
119 |
|
Overflow |
2018-10-29 |
2019-04-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. |
13354 |
CVE-2018-11873 |
20 |
|
|
2018-10-29 |
2019-04-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845. |
13355 |
CVE-2018-11872 |
20 |
|
|
2018-10-29 |
2019-04-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660 |
13356 |
CVE-2018-11871 |
119 |
|
Overflow |
2018-10-29 |
2019-04-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016. |
13357 |
CVE-2018-11870 |
119 |
|
Overflow |
2018-10-29 |
2019-04-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20. |
13358 |
CVE-2018-11869 |
119 |
|
Overflow |
2018-09-18 |
2019-04-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler. |
13359 |
CVE-2018-11868 |
119 |
|
Overflow |
2018-09-18 |
2019-04-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in nan response event handler. |
13360 |
CVE-2018-11867 |
119 |
|
Overflow |
2018-10-29 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845. |
13361 |
CVE-2018-11866 |
190 |
|
Overflow |
2018-10-29 |
2018-12-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. |
13362 |
CVE-2018-11865 |
190 |
|
Overflow |
2018-10-29 |
2018-12-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. |
13363 |
CVE-2018-11863 |
119 |
|
Overflow |
2018-09-18 |
2018-11-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy. |
13364 |
CVE-2018-11862 |
119 |
|
Overflow |
2018-10-29 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. |
13365 |
CVE-2018-11861 |
119 |
|
Overflow |
2018-10-29 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. |
13366 |
CVE-2018-11860 |
119 |
|
Overflow |
2018-09-18 |
2019-04-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a potential buffer over flow could occur while processing the ndp event due to lack of check on the message length. |
13367 |
CVE-2018-11859 |
119 |
|
Overflow |
2018-10-29 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850. |
13368 |
CVE-2018-11858 |
119 |
|
Overflow |
2018-10-29 |
2018-12-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850. |
13369 |
CVE-2018-11857 |
119 |
|
Overflow |
2018-10-29 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850 |
13370 |
CVE-2018-11856 |
119 |
|
Overflow |
2018-10-29 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850. |
13371 |
CVE-2018-11854 |
119 |
|
Overflow |
2018-10-26 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 |
13372 |
CVE-2018-11853 |
119 |
|
Overflow |
2018-10-26 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016 |
13373 |
CVE-2018-11852 |
787 |
|
|
2018-09-18 |
2018-11-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write. |
13374 |
CVE-2018-11851 |
787 |
|
|
2018-09-18 |
2019-04-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack. |
13375 |
CVE-2018-11850 |
119 |
|
Overflow |
2018-10-26 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20 |
13376 |
CVE-2018-11849 |
119 |
|
Overflow |
2018-10-26 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016 |
13377 |
CVE-2018-11846 |
200 |
|
+Info |
2018-10-26 |
2018-12-10 |
4.7 |
None |
Local |
Medium |
Not required |
Complete |
None |
None |
The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850 |
13378 |
CVE-2018-11843 |
416 |
|
|
2018-09-18 |
2018-11-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack fo check on return value in WMA response handler can lead to potential use after free. |
13379 |
CVE-2018-11842 |
119 |
|
Overflow |
2018-09-18 |
2018-11-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, during wlan association, driver allocates memory. In case the mem allocation fails driver does a mem free though the memory was not allocated. |
13380 |
CVE-2018-11840 |
415 |
|
|
2018-09-18 |
2019-04-05 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice. |
13381 |
CVE-2018-11836 |
119 |
|
Overflow |
2018-09-18 |
2018-11-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check can lead to out-of-bounds access in WLAN function. |
13382 |
CVE-2018-11832 |
119 |
|
Overflow |
2018-09-18 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of input size validation before copying to buffer in PMIC function can lead to heap overflow. |
13383 |
CVE-2018-11830 |
20 |
|
Overflow |
2019-04-04 |
2019-04-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A |
13384 |
CVE-2018-11828 |
400 |
|
|
2018-10-26 |
2019-04-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52 |
13385 |
CVE-2018-11827 |
129 |
|
|
2018-09-18 |
2019-04-05 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper validation of array index in WMA roam synchronization handler can lead to OOB write. |
13386 |
CVE-2018-11826 |
190 |
|
Overflow |
2018-09-18 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on integer overflow while calculating memory can lead to Buffer overflow in WLAN ext scan handler. |
13387 |
CVE-2018-11824 |
119 |
|
Overflow |
2018-10-26 |
2018-12-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660 |
13388 |
CVE-2018-11823 |
415 |
|
|
2018-11-27 |
2018-12-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, freeing device memory in driver probe failure will result in double free issue in power module. |
13389 |
CVE-2018-11822 |
190 |
|
Overflow |
2018-10-26 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 |
13390 |
CVE-2018-11821 |
190 |
|
Overflow |
2018-10-26 |
2019-04-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016 |
13391 |
CVE-2018-11819 |
416 |
|
|
2019-06-14 |
2019-06-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Use after issue in WLAN function due to multiple ACS scan requests at a time in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 675, SD 730, SD 820A, SD 835, SD 855, SDA660, SDX20, SDX24 |
13392 |
CVE-2018-11818 |
416 |
|
|
2018-09-18 |
2018-11-09 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed down to driver from userspace via ioctl. Simultaneous update from userspace while kernel drivers are updating LUT registers can lead to race condition. |
13393 |
CVE-2018-11813 |
834 |
|
|
2018-06-05 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. |
13394 |
CVE-2018-11808 |
20 |
|
|
2018-06-05 |
2018-08-06 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user (which by default is "NT AUTHORITY / SYSTEM") by sending a specially crafted request to the server. |
13395 |
CVE-2018-11806 |
119 |
|
Overflow |
2018-06-13 |
2019-05-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. |
13396 |
CVE-2018-11804 |
20 |
|
|
2018-10-24 |
2018-12-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Spark's Apache Maven-based build includes a convenience script, 'build/mvn', that downloads and runs a zinc server to speed up compilation. It has been included in release branches since 1.3.x, up to and including master. This server will accept connections from external hosts by default. A specially-crafted request to the zinc server could cause it to reveal information in files readable to the developer account running the build. Note that this issue does not affect end users of Spark, only developers building Spark from source code. |
13397 |
CVE-2018-11803 |
476 |
|
|
2019-02-05 |
2019-04-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation. |
13398 |
CVE-2018-11801 |
89 |
|
Exec Code Sql |
2019-06-11 |
2019-06-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on a m_center data related table. |
13399 |
CVE-2018-11800 |
89 |
|
Exec Code Sql |
2019-06-11 |
2019-06-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on the GroupSummaryCounts related table. |
13400 |
CVE-2018-11798 |
538 |
|
|
2019-01-07 |
2019-06-18 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path. |