{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T21:10:48.126","vulnerabilities":[{"cve":{"id":"CVE-2015-9162","sourceIdentifier":"product-security@qualcomm.com","published":"2018-04-18T14:29:05.667","lastModified":"2024-11-21T02:39:56.237","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in the function \"Certificate_CreateWithBuffer\" in the QSEE app TQS, in case of memory allocation failure, we free the memory and return the pointer without setting it to NULL."},{"lang":"es","value":"En Android antes del nivel de parcheo de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808 y SD 810, en la función \"Certificate_CreateWithBuffer\" en la aplicación TQS de QSEE, en caso de un error de asignación de memoria, se libera la memoria y se devuelve el puntero sin establecerlo como NULL."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F683C42D-A310-4369-9689-3DBC9288591E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*","matchCriteriaId":"0EADE10A-0F63-4149-8F03-030673D6D7CE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A78C9449-5EB0-459B-AA72-EFF00592C30A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_412:-:*:*:*:*:*:*:*","matchCriteriaId":"2D583172-F1F1-4DF8-99CE-B94A84D14CCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D27A1760-8D1B-4172-B6CE-65C72332F103"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_617:-:*:*:*:*:*:*:*","matchCriteriaId":"CC5F96F1-D3FB-482B-A3C8-57BA4DE86D5E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BC1650DB-FDF8-4BE5-9437-8ADA11A07116"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*","matchCriteriaId":"B51DD51F-4BDE-497B-89E5-551D10CF3442"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0752054B-2C29-4490-ADC8-29F82BAA17E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:*","matchCriteriaId":"005038B5-BCB7-4A23-8562-ACEF6E156C1F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"67E0DD11-0B28-4B6D-BDB7-0DBFA34A7187"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_800:-:*:*:*:*:*:*:*","matchCriteriaId":"551512D0-ED24-4B5A-BEB2-B090BB8DEE0C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_808_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"33257838-2D70-4C43-8EE8-7538764EFFD9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_808:-:*:*:*:*:*:*:*","matchCriteriaId":"1B2D83E1-F1F2-48E5-B3E0-806DAB14B60B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95B4B4D4-0357-4E1D-9B72-635106D632CF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_810:-:*:*:*:*:*:*:*","matchCriteriaId":"2F992088-5E31-4625-8C3B-CE7F946C61F2"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/103671","source":"product-security@qualcomm.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-04-01","source":"product-security@qualcomm.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/103671","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-04-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}