Vulnerabilidades em Qualcomm, Inc.

2.934 resultados

Análise Vexday

Com 2.934 CVEs catalogadas, a Qualcomm apresenta um volume expressivo de vulnerabilidades, reflexo da amplitude de seu portfólio de chipsets e firmware embarcado. A taxa de exploração ativa — 12 entradas no catálogo KEV da CISA, ou 0,41% do total — está em linha com a média geral do catálogo, indicando que o risco de exploração confirmada não foge do padrão da indústria, embora 94 falhas de severidade crítica representem uma superfície de ataque relevante para equipes de segurança que dependem de componentes Qualcomm em ambientes móveis, automotivos ou de IoT. A CVE mais perigosa atualmente em exploração ativa, CVE-2020-11261, apresenta EPSS de 0,0177, sugerindo probabilidade de exploração adicional relativamente baixa no curto prazo, mas sua presença no KEV exige atenção imediata em qualquer inventário de ativos afetados. O surgimento de 49 novas CVEs nos últimos 90 dias e a disponibilidade de PoCs públicas para 3 vulnerabilidades reforçam a necessidade de ciclos contínuos de atualização de firmware e monitoramento ativo de patches liberados pelo fabricante.

CVE-2017-11028—In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the ISP Camera driver, thEPSS 0.6%CVE-2023-33042HIGHImproper Input Validation in ModemEPSS 0.6%CVE-2014-9932—In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an imprEPSS 0.6%CVE-2015-8995—In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.EPSS 0.6%CVE-2019-2289—Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, SnapdEPSS 0.6%CVE-2014-9964—In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality.EPSS 0.6%CVE-2015-8998—In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.EPSS 0.6%CVE-2020-11278—Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon ConEPSS 0.6%CVE-2020-11280—Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to impropEPSS 0.6%CVE-2017-14876—In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfeEPSS 0.6%CVE-2017-14881—While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, EPSS 0.6%CVE-2017-14877—While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no muteEPSS 0.6%CVE-2020-11297—Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto, SnapdragoEPSS 0.6%CVE-2020-11270—Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter EPSS 0.6%CVE-2018-3586—An integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android for MSM, Firefox OS EPSS 0.6%CVE-2021-1970HIGHPossible out of bound read due to lack of length check of FT sub-elements in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, SEPSS 0.6%CVE-2017-11043—In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, aEPSS 0.6%CVE-2017-11014—In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement EPSS 0.6%CVE-2017-11013—In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpEPSS 0.6%CVE-2014-9962—In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command.EPSS 0.6%

← anteriorpágina 36 / 147próxima →