Total
656 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-35069 | 1 Qualcomm | 382 Apq8096au, Apq8096au Firmware, Aqt1000 and 379 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-35121 | 1 Qualcomm | 88 Apq8053, Apq8053 Firmware, Msm8953 and 85 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-1950 | 1 Qualcomm | 184 Ar8035, Ar8035 Firmware, Csr8811 and 181 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2022-22085 | 1 Qualcomm | 309 Apq8009, Apq8009 Firmware, Apq8009w and 306 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-35119 | 1 Qualcomm | 165 Aqt1000, Aqt1000 Firmware, Ar8035 and 162 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-1942 | 1 Qualcomm | 222 Aqt1000, Aqt1000 Firmware, Ar8031 and 219 more | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30334 | 1 Qualcomm | 262 Apq8009w, Apq8009w Firmware, Aqt1000 and 259 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-35085 | 1 Qualcomm | 140 Aqt1000, Aqt1000 Firmware, Ar8035 and 137 more | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-35090 | 1 Qualcomm | 112 Aqt1000, Aqt1000 Firmware, Qca6390 and 109 more | 2024-02-28 | 6.9 MEDIUM | 7.8 HIGH |
Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30339 | 1 Qualcomm | 110 Ar8035, Ar8035 Firmware, Qca6391 and 107 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30344 | 1 Qualcomm | 294 Apq8009w, Apq8009w Firmware, Apq8017 and 291 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30343 | 1 Qualcomm | 128 Ar8035, Ar8035 Firmware, Qca6390 and 125 more | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-35111 | 1 Qualcomm | 75 Ar8035, Ar8035 Firmware, Qca6390 and 72 more | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile | |||||
CVE-2021-35076 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Qca6390 and 111 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-35086 | 1 Qualcomm | 110 Ar8035, Ar8035 Firmware, Qca6390 and 107 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30347 | 1 Qualcomm | 128 Ar8035, Ar8035 Firmware, Qca6390 and 125 more | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-35084 | 1 Qualcomm | 184 Aqt1000, Aqt1000 Firmware, Ar8031 and 181 more | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2021-35071 | 1 Qualcomm | 342 Aqt1000, Aqt1000 Firmware, Ar8035 and 339 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-35102 | 1 Qualcomm | 135 Ar8035, Ar8035 Firmware, Qca6390 and 132 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | |||||
CVE-2021-35106 | 1 Qualcomm | 224 Aqt1000, Aqt1000 Firmware, Ar8031 and 221 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |