Total
383 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11140 | 1 Qualcomm | 449 Apq8017, Apq8037, Apq8052 and 446 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11139 | 1 Qualcomm | 412 Apq8017, Apq8037, Apq8052 and 409 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Out of bound memory access while processing frames due to lack of check of invalid frames received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11138 | 1 Qualcomm | 491 Apq8009, Apq8009w, Apq8017 and 488 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11137 | 1 Qualcomm | 491 Apq8009, Apq8009w, Apq8017 and 488 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in possible device instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11136 | 1 Qualcomm | 506 Apq8009, Apq8009w, Apq8017 and 503 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11134 | 1 Qualcomm | 650 Aqt1000, Aqt1000 Firmware, Ar8031 and 647 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11126 | 1 Qualcomm | 782 Apq8096au, Apq8096au Firmware, Aqt1000 and 779 more | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
| Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11119 | 1 Qualcomm | 942 Apq8009, Apq8009 Firmware, Apq8017 and 939 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2024-33014 | 1 Qualcomm | 650 315 5g Iot Modem, 315 5g Iot Modem Firmware, 860 Mobile Platform and 647 more | 2024-11-20 | N/A | 7.5 HIGH |
| Transient DOS while parsing ESP IE from beacon/probe response frame. | |||||
| CVE-2024-33023 | 1 Qualcomm | 314 Ar8035, Ar8035 Firmware, Csra6620 and 311 more | 2024-11-20 | N/A | 7.8 HIGH |
| Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events. | |||||
| CVE-2024-33022 | 1 Qualcomm | 248 Ar8035, Ar8035 Firmware, Csra6620 and 245 more | 2024-11-20 | N/A | 7.8 HIGH |
| Memory corruption while allocating memory in HGSL driver. | |||||
| CVE-2024-33021 | 1 Qualcomm | 276 Ar8035, Ar8035 Firmware, Csra6620 and 273 more | 2024-11-20 | N/A | 7.8 HIGH |
| Memory corruption while processing IOCTL call to set metainfo. | |||||
| CVE-2024-33028 | 1 Qualcomm | 276 Ar8035, Ar8035 Firmware, Csra6620 and 273 more | 2024-11-20 | N/A | 7.8 HIGH |
| Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released. | |||||
| CVE-2024-33027 | 1 Qualcomm | 180 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 177 more | 2024-11-20 | N/A | 7.8 HIGH |
| Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table. | |||||
| CVE-2024-38423 | 1 Qualcomm | 412 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 409 more | 2024-11-07 | N/A | 7.8 HIGH |
| Memory corruption while processing GPU page table switch. | |||||
| CVE-2024-38422 | 1 Qualcomm | 536 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 533 more | 2024-11-07 | N/A | 7.8 HIGH |
| Memory corruption while processing voice packet with arbitrary data received from ADSP. | |||||
| CVE-2024-38419 | 1 Qualcomm | 296 Ar8035, Ar8035 Firmware, Csra6620 and 293 more | 2024-11-07 | N/A | 7.8 HIGH |
| Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. | |||||
| CVE-2024-38415 | 1 Qualcomm | 356 215 Mobile Platform, 215 Mobile Platform Firmware, Ar8035 and 353 more | 2024-11-07 | N/A | 7.8 HIGH |
| Memory corruption while handling session errors from firmware. | |||||
| CVE-2024-38402 | 1 Qualcomm | 336 Ar8035, Ar8035 Firmware, Csra6620 and 333 more | 2024-09-05 | N/A | 7.8 HIGH |
| Memory corruption while processing IOCTL call for getting group info. | |||||
| CVE-2024-33045 | 1 Qualcomm | 360 Ar8035, Ar8035 Firmware, Csra6620 and 357 more | 2024-09-04 | N/A | 7.8 HIGH |
| Memory corruption when BTFM client sends new messages over Slimbus to ADSP. | |||||