Summary
| Detail | |||
|---|---|---|---|
| Vendor | Qualcomm | First view | 2018-02-23 |
| Product | mdm9206 Firmware | Last view | 2023-08-08 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* | 730 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.1 | 2023-08-08 | CVE-2023-21626 | Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. |
| 9.8 | 2023-08-08 | CVE-2022-40510 | Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. |
| 7.5 | 2023-04-13 | CVE-2022-33295 | Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length. |
| 7.5 | 2023-04-13 | CVE-2022-33294 | Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message. |
| 9.8 | 2023-04-13 | CVE-2022-33259 | Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received. |
| 7.5 | 2023-04-13 | CVE-2022-33258 | Information disclosure due to buffer over-read in modem while reading configuration parameters. |
| 7.5 | 2023-04-13 | CVE-2022-33228 | Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header. |
| 7.5 | 2023-04-13 | CVE-2022-33223 | Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding. |
| 7.5 | 2023-04-13 | CVE-2022-33222 | Information disclosure due to buffer over-read while parsing DNS response packets in Modem. |
| 9.8 | 2023-04-13 | CVE-2022-33211 | memory corruption in modem due to improper check while calculating size of serialized CoAP message |
| 7.5 | 2023-04-13 | CVE-2022-25747 | Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message |
| 9.8 | 2023-04-13 | CVE-2022-25740 | Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface |
| 7.5 | 2023-04-13 | CVE-2022-25739 | Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call |
| 7.5 | 2023-04-13 | CVE-2022-25737 | Information disclosure in modem due to missing NULL check while reading packets received from local network |
| 7.5 | 2023-04-13 | CVE-2022-25731 | Information disclosure in modem due to buffer over-read while processing packets from DNS server |
| 7.5 | 2023-04-13 | CVE-2022-25730 | Information disclosure in modem due to improper check of IP type while processing DNS server query |
| 7.5 | 2023-04-13 | CVE-2022-25726 | Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet |
| 9.8 | 2023-04-13 | CVE-2022-25678 | Memory correction in modem due to buffer overwrite during coap connection |
| 7.8 | 2023-03-10 | CVE-2022-40531 | Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. |
| 9.8 | 2023-03-10 | CVE-2022-40515 | Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. |
| 8.8 | 2023-03-10 | CVE-2022-33213 | Memory corruption in modem due to buffer overflow while processing a PPP packet |
| 7.8 | 2023-03-10 | CVE-2022-25705 | Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response |
| 7.8 | 2023-03-10 | CVE-2022-25694 | Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM |
| 7.8 | 2023-03-10 | CVE-2022-25655 | Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. |
| 5.5 | 2023-03-10 | CVE-2022-22075 | Information Disclosure in Graphics during GPU context switch. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 15% (117) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 14% (104) | CWE-125 | Out-of-bounds Read |
| 8% (62) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 8% (61) | CWE-787 | Out-of-bounds Write |
| 7% (54) | CWE-190 | Integer Overflow or Wraparound |
| 7% (53) | CWE-416 | Use After Free |
| 5% (44) | CWE-20 | Improper Input Validation |
| 5% (43) | CWE-129 | Improper Validation of Array Index |
| 5% (40) | CWE-476 | NULL Pointer Dereference |
| 3% (25) | CWE-200 | Information Exposure |
| 2% (15) | CWE-415 | Double Free |
| 1% (11) | CWE-362 | Race Condition |
| 1% (10) | CWE-284 | Access Control (Authorization) Issues |
| 1% (10) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
| 0% (7) | CWE-617 | Reachable Assertion |
| 0% (7) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
| 0% (6) | CWE-287 | Improper Authentication |
| 0% (4) | CWE-755 | Improper Handling of Exceptional Conditions |
| 0% (4) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (4) | CWE-388 | Error Handling |
| 0% (4) | CWE-338 | Use of Cryptographically Weak PRNG |
| 0% (4) | CWE-203 | Information Exposure Through Discrepancy |
| 0% (4) | CWE-19 | Data Handling |
| 0% (3) | CWE-668 | Exposure of Resource to Wrong Sphere |
| 0% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
