Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2019-2305

Published: 25/07/2019 Updated: 29/07/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Qualcomm

Vulnerability Summary

Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qualcomm mdm9150_firmware -

qualcomm mdm9206_firmware -

qualcomm mdm9607_firmware -

qualcomm mdm9640_firmware -

qualcomm mdm9650_firmware -

qualcomm msm8996au_firmware -

qualcomm qca6174a_firmware -

qualcomm qca6574au_firmware -

qualcomm qca9377_firmware -

qualcomm qca9379_firmware -

qualcomm qcs405_firmware -

qualcomm qcs605_firmware -

qualcomm sd_425_firmware -

qualcomm sd_427_firmware -

qualcomm sd_430_firmware -

qualcomm sd_435_firmware -

qualcomm sd_450_firmware -

qualcomm sd_625_firmware -

qualcomm sd_636_firmware -

qualcomm sd_665_firmware -

qualcomm sd_675_firmware -

qualcomm sd_712_firmware -

qualcomm sd_710_firmware -

qualcomm sd_670_firmware -

qualcomm sd_730_firmware -

qualcomm sd_820_firmware -

qualcomm sd_820a_firmware -

qualcomm sd_835_firmware -

qualcomm sd_845_firmware -

qualcomm sd_850_firmware -

qualcomm sd_855_firmware -

qualcomm sda660_firmware -

qualcomm sdm630_firmware -

qualcomm sdm660_firmware -

qualcomm sdx20_firmware -

qualcomm sdx24_firmware -

Recent Articles

July is here – and so are the latest Android security fixes. Plenty of critical updates for all
The Register • Shaun Nichols in San Francisco • 01 Jul 2019

Patch, punch, it's the first of the month It is with a heavy heart that we must report that your software has bugs and needs patching: Microsoft, Adobe, SAP, Intel emit security fixes

Google today posted a fresh round of Android security fixes. The July update addresses a total of 33 CVE-listed vulnerabilities, nine of them classified as critical risks. At the basic 2019-07-01 level, a dozen bugs are addressed. Five of those would allow for remote code execution if exploited; three (CVE-2019-2106, CVE-2019-2107, CVE-2019-2100) in the Android media framework, while another (CVE-2019-2105) is in Android Library and the fifth (CVE-2019-2105) is found in the System. All would be ...

Read more...

References

CWE-125https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletinhttps://nvd.nist.govhttps://www.theregister.co.uk/2019/07/01/july_android_fixes/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook