Lucene search

[email protected]NVD:CVE-2019-14078

HistoryJun 02, 2020 - 3:15 p.m.

CVE-2019-14078

2020-06-0215:15:11

CWE-131

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Out of bound memory access while processing qpay due to not validating length of the response buffer provided by User. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, MSM8909, MSM8998, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845

Affected configurations

Nvd

Node

qualcommapq8009_firmwareMatch-

AND

qualcommapq8009Match-

Node

qualcommapq8098_firmwareMatch-

AND

qualcommapq8098Match-

Node

qualcommmsm8909_firmwareMatch-

AND

qualcommmsm8909Match-

Node

qualcommmsm8998_firmwareMatch-

AND

qualcommmsm8998Match-

Node

qualcommsda660_firmwareMatch-

AND

qualcommsda660Match-

Node

qualcommsda845_firmwareMatch-

AND

qualcommsda845Match-

Node

qualcommsdm630_firmwareMatch-

AND

qualcommsdm630Match-

Node

qualcommsdm636_firmwareMatch-

AND

qualcommsdm636Match-

Node

qualcommsdm660_firmwareMatch-

AND

qualcommsdm660Match-

Node

qualcommsdm845_firmwareMatch-

AND

qualcommsdm845Match-

VendorProductVersionCPE
qualcommapq8009_firmware-cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
qualcommapq8009-cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*
qualcommapq8098_firmware-cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*
qualcommapq8098-cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*
qualcommmsm8909_firmware-cpe:2.3:o:qualcomm:msm8909_firmware:-:*:*:*:*:*:*:*
qualcommmsm8909-cpe:2.3:h:qualcomm:msm8909:-:*:*:*:*:*:*:*
qualcommmsm8998_firmware-cpe:2.3:o:qualcomm:msm8998_firmware:-:*:*:*:*:*:*:*
qualcommmsm8998-cpe:2.3:h:qualcomm:msm8998:-:*:*:*:*:*:*:*
qualcommsda660_firmware-cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
qualcommsda660-cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	apq8009_firmware	-	cpe:2.3:o:qualcomm:apq8009_firmware:-:::::::*
qualcomm	apq8009	-	cpe:2.3:h:qualcomm:apq8009:-:::::::*
qualcomm	apq8098_firmware	-	cpe:2.3:o:qualcomm:apq8098_firmware:-:::::::*
qualcomm	apq8098	-	cpe:2.3:h:qualcomm:apq8098:-:::::::*
qualcomm	msm8909_firmware	-	cpe:2.3:o:qualcomm:msm8909_firmware:-:::::::*
qualcomm	msm8909	-	cpe:2.3:h:qualcomm:msm8909:-:::::::*
qualcomm	msm8998_firmware	-	cpe:2.3:o:qualcomm:msm8998_firmware:-:::::::*
qualcomm	msm8998	-	cpe:2.3:h:qualcomm:msm8998:-:::::::*
qualcomm	sda660_firmware	-	cpe:2.3:o:qualcomm:sda660_firmware:-:::::::*
qualcomm	sda660	-	cpe:2.3:h:qualcomm:sda660:-:::::::*

Rows per page:

1-10 of 201

References

www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2019-14078

cvelist1 cve1 prion1