How severe is CVE-2019-14077?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2019-14077?

This is classified as CWE-704, which is a common weakness in software security.

CVE-2019-14077 - HIGH Severity | CVSS 7.8

Vulnerability Description

Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Related Vulnerabilities

CVE-2014-9627

HIGH

CVSS:7.8(High)

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows rem...

CWE-7042014

CVE-2016-4709

HIGH

CVSS:7.8(High)

WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4710.

CWE-7042016

CVE-2016-4710

HIGH

CVSS:7.8(High)

WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4709.

CWE-7042016

CVE-2016-7617

HIGH

CVSS:7.8(High)

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context...

CWE-7042016

CVE-2016-7655

HIGH

CVSS:7.8(High)

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "CoreMedia External Displays" component. It allows local users ...

CWE-7042016

CVE-2016-8602

HIGH

CVSS:7.8(High)

The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript...

CWE-7042016