CVE-2015-9549

A reflected Cross-site Scripting (XSS) vulnerability exists in OcPortal 9.0.20 via the OCF_EMOTICON_CELL.tpl FIELD_NAME field to data/emoticons.php.

CVE-2019-10580 (mdm9607_firmware, msm8909w_firmware, nicobar_firmware, qcm2150_firmware, qcs405_firmware, qcs605_firmware, saipan_firmware, sc8180x_firmware, sdm429w_firmware, sdx55_firmware, sm8150_firmware, sm8250_firmware, sxr2130_firmware)

When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MSM8909W, Nicobar, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDM429W, SDX55, SM8150, SM8250, SXR2130

CVE-2019-11286

VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and VMware Tanzu GemFire for VMs versions prior to 1.11.0, 1.10.1, 1.9.2, and 1.8.2, contain a JMX service available to the network which does not properly restrict input. A remote authenticated malicious user may request against the service with a crafted set of credentials leading to remote code execution.

CVE-2019-14037 (apq8009_firmware, apq8053_firmware, apq8096au_firmware, apq8098_firmware, mdm9206_firmware, mdm9207c_firmware, mdm9607_firmware, mdm9640_firmware, mdm9650_firmware, msm8905_firmware, msm8909w_firmware, msm8996_firmware, msm8996au_firmware, qcn7605_firmware, qcn7606_firmware, qcs605_firmware, sc8180x_firmware, sda660_firmware, sda845_firmware, sdm439_firmware, sdm630_firmware, sdm636_firmware, sdm660_firmware, sdm670_firmware, sdm710_firmware, sdm845_firmware, sdx20_firmware, sdx24_firmware, sdx55_firmware, sm8150_firmware, sxr1130_firmware)

Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCN7606, QCS605, SC8180X, SDA660, SDA845, SDM439, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130

CVE-2019-14093 (apq8009_firmware, apq8017_firmware, apq8053_firmware, apq8096au_firmware, apq8098_firmware, mdm9206_firmware, mdm9207c_firmware, mdm9607_firmware, mdm9650_firmware, msm8909w_firmware, msm8917_firmware, msm8920_firmware, msm8937_firmware, msm8940_firmware, msm8953_firmware, msm8996_firmware, msm8996au_firmware, qcm2150_firmware, qcs405_firmware, qcs605_firmware, qm215_firmware, sda660_firmware, sda845_firmware, sdm429_firmware, sdm429w_firmware, sdm439_firmware, sdm450_firmware, sdm632_firmware, sdm636_firmware, sdm660_firmware, sdx20_firmware)

Array out of bound access can occur in display module due to lack of bound check on input parcel received in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCM2150, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM636, SDM660, SDX20

CVE-2019-14099 (apq8053_firmware, mdm9206_firmware, mdm9207c_firmware, mdm9607_firmware, msm8909w_firmware, msm8917_firmware, msm8953_firmware, nicobar_firmware, qcm2150_firmware, qcs405_firmware, qcs605_firmware, qm215_firmware, saipan_firmware, sc8180x_firmware, sda845_firmware, sdm429_firmware, sdm429w_firmware, sdm439_firmware, sdm450_firmware, sdm632_firmware, sdx24_firmware, sdx55_firmware, sm6150_firmware, sm7150_firmware, sm8150_firmware, sm8250_firmware, sxr1130_firmware, sxr2130_firmware)

Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CVE-2019-14100 (mdm9206_firmware, mdm9207c_firmware, mdm9607_firmware, nicobar_firmware, qcs405_firmware, sa6155p_firmware, sc8180x_firmware, sdx55_firmware, sm8150_firmware)

Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9207C, MDM9607, Nicobar, QCS405, SA6155P, SC8180X, SDX55, SM8150

CVE-2019-14101 (apq8009_firmware, apq8096_firmware, apq8096au_firmware, apq8098_firmware, kamorta_firmware, mdm9150_firmware, mdm9205_firmware, mdm9206_firmware, mdm9607_firmware, mdm9625_firmware, mdm9635m_firmware, mdm9640_firmware, mdm9650_firmware, mdm9655_firmware, msm8905_firmware, msm8909_firmware, msm8909w_firmware, msm8917_firmware, msm8920_firmware, msm8937_firmware, msm8940_firmware, msm8953_firmware, msm8996_firmware, msm8996au_firmware, msm8998_firmware, nicobar_firmware, qcm2150_firmware, qcn7605_firmware, qcs404_firmware, qcs405_firmware, qcs605_firmware, qm215_firmware, rennell_firmware, sa415m_firmware, saipan_firmware, sc7180_firmware, sc8180x_firmware, sda660_firmware, sda845_firmware, sdm429_firmware, sdm429w_firmware, sdm439_firmware, sdm450_firmware, sdm630_firmware, sdm632_firmware, sdm636_firmware, sdm660_firmware, sdm670_firmware, sdm710_firmware, sdm845_firmware, sdm850_firmware, sdx24_firmware, sdx55_firmware, sm6150_firmware, sm7150_firmware, sm8150_firmware, sxr1130_firmware)

Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

CVE-2019-14123 (kamorta_firmware, qcs404_firmware, rennell_firmware, sc7180_firmware, sdx55_firmware, sm6150_firmware, sm7150_firmware, sm8250_firmware, sxr2130_firmware)

Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

CVE-2019-14124 (kamorta_firmware, qcs404_firmware, rennell_firmware, sc7180_firmware, sdx55_firmware, sm6150_firmware, sm7150_firmware, sm8250_firmware, sxr2130_firmware)

Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Cynet 360 Uses Insecure Control Channels	23 April 2020
Spamhaus still parties like it's 1999	16 October 2019
Twitter Screws Up With Data It Shouldn't Hold	09 October 2019
The Curious Case of BitFi and Secret Persistence	16 July 2019
A guide to designing Account Security Mechanisms	26 March 2017
Don't Use Web2Tor/Tor2Web (especially Onion.cab)	04 March 2017
The State of Mobile Banking (in the UK)	21 June 2016
The DVLA is routinely sending sensitive details via email	28 December 2014
Understanding Password Storage	22 June 2014
My Own Little HeartBleed Headache	19 April 2014

BenTasker.co.uk

Recent CVEs