7.8

CVE-2019-14036

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605

Data is provided by the National Vulnerability Database (NVD)
QualcommApq8064 Firmware Version-
   QualcommApq8064 Version-
QualcommApq8096au Firmware Version-
   QualcommApq8096au Version-
QualcommIpq4019 Firmware Version-
   QualcommIpq4019 Version-
QualcommIpq8064 Firmware Version-
   QualcommIpq8064 Version-
QualcommIpq8074 Firmware Version-
   QualcommIpq8074 Version-
QualcommMdm9607 Firmware Version-
   QualcommMdm9607 Version-
QualcommMdm9615 Firmware Version-
   QualcommMdm9615 Version-
QualcommMdm9640 Firmware Version-
   QualcommMdm9640 Version-
QualcommMsm8996au Firmware Version-
   QualcommMsm8996au Version-
QualcommQcn7605 Firmware Version-
   QualcommQcn7605 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.04% 0.066
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.