|
274091
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT procedure.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-9066
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274092
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to a UEInformationRequest before Access Stratum security is established.
|
CWE-254
7PK - Security Features
|
CVE-2015-9065
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274093
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI or IMEISV to the network on a network request before NAS security has been activated.
|
CWE-284
Improper Access Control
|
CVE-2015-9064
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274094
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a procedure involving a remote UIM client.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-9063
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274095
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file.
|
CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error')
Integer Overflow or Wraparound
|
CVE-2015-9062
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274096
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, playReady DRM failed to check a length potentially leading to unauthorized access to secure memory.
|
CWE-20
Improper Input Validation
|
CVE-2015-9061
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274097
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call.
|
CWE-20
Improper Input Validation
|
CVE-2015-9060
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274098
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine.
|
CWE-20
Improper Input Validation
|
CVE-2015-9055
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274099
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding.
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-9054
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274100
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-9053
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
