| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yagatta.yagattatalk) application 1.00.01.08 for Android has unknown impact and attack vectors. |
| Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic Monitor (QXDM) 03.09.19 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .isf file. |
| The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local users to unlock the bootloader by using kernel mode to perform crafted 0x9 and 0x2 SMC operations, a different vulnerability than CVE-2013-2596. |
| Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c. |
| Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions. |
| Denial of service in MODEM due to improper pointer handling |
| Information exposure in DSP services due to improper handling of freeing memory |
| Memory corruption in video driver due to type confusion error during video playback |
| Memory corruption due to stack-based buffer overflow in Core |
| Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command. |
| Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication. |
| Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content. |
| Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames. |
| Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame. |
| Memory corruption in Automotive due to integer overflow to buffer overflow while registering a new listener with shared buffer. |
| Memory corruption in Automotive due to improper input validation. |
| Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping. |
| Memory corruption in display due to double free while allocating frame buffer memory |
| Memory corruption in Multimedia Framework due to unsafe access to the data members |
| Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields |
