|
211631
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to a UEInformationRequest before Access Stratum security is established.
|
CWE-254
7PK - Security Features
|
CVE-2015-9065
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211632
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI or IMEISV to the network on a network request before NAS security has been activated.
|
CWE-284
Improper Access Control
|
CVE-2015-9064
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211633
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a procedure involving a remote UIM client.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-9063
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211634
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file.
|
CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error')
Integer Overflow or Wraparound
|
CVE-2015-9062
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211635
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, playReady DRM failed to check a length potentially leading to unauthorized access to secure memory.
|
CWE-20
Improper Input Validation
|
CVE-2015-9061
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211636
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call.
|
CWE-20
Improper Input Validation
|
CVE-2015-9060
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211637
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine.
|
CWE-20
Improper Input Validation
|
CVE-2015-9055
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211638
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding.
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-9054
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211639
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-9053
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211640
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached while processing a downlink message.
|
CWE-20
Improper Input Validation
|
CVE-2015-9052
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
