Vulnerabilidades en Qualcomm, Inc.

2934 resultados
Análisis Vexday

Com 2.934 CVEs catalogadas, a Qualcomm apresenta um volume expressivo de vulnerabilidades, reflexo da amplitude de seu portfólio de chipsets e firmware embarcado. A taxa de exploração ativa — 12 entradas no catálogo KEV da CISA, ou 0,41% do total — está em linha com a média geral do catálogo, indicando que o risco de exploração confirmada não foge do padrão da indústria, embora 94 falhas de severidade crítica representem uma superfície de ataque relevante para equipes de segurança que dependem de componentes Qualcomm em ambientes móveis, automotivos ou de IoT. A CVE mais perigosa atualmente em exploração ativa, CVE-2020-11261, apresenta EPSS de 0,0177, sugerindo probabilidade de exploração adicional relativamente baixa no curto prazo, mas sua presença no KEV exige atenção imediata em qualquer inventário de ativos afetados. O surgimento de 49 novas CVEs nos últimos 90 dias e a disponibilidade de PoCs públicas para 3 vulnerabilidades reforçam a necessidade de ciclos contínuos de atualização de firmware e monitoramento ativo de patches liberados pelo fabricante.

CVE-2017-11015In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIR_EPSS 0.5%CVE-2016-10339In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.EPSS 0.5%CVE-2021-1904MEDIUMChild process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon AuEPSS 0.5%CVE-2018-3563In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security pEPSS 0.5%CVE-2017-9685In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After FrEPSS 0.5%CVE-2016-10332In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications.EPSS 0.5%CVE-2016-10336In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot.EPSS 0.5%CVE-2016-10337In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed.EPSS 0.5%CVE-2017-8255In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot.EPSS 0.5%CVE-2021-35083HIGHPossible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon CoEPSS 0.5%CVE-2018-11891In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of aEPSS 0.5%CVE-2018-3599In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security pEPSS 0.5%CVE-2024-45569CRITICALImproper Validation of Array Index in WLAN Host CommunicationEPSS 0.5%CVE-2018-3596In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security pEPSS 0.5%CVE-2022-40514CRITICALBuffer copy without checking size of input in WLAN FirmwareEPSS 0.5%CVE-2018-11263In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, radio_id is received from the FWEPSS 0.5%CVE-2017-8243A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware imaEPSS 0.5%CVE-2015-9021In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled.EPSS 0.5%CVE-2018-5872While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSMEPSS 0.5%CVE-2017-14907In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, cryptographic strength is reEPSS 0.5%