Total
504 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1923 | 1 Qualcomm | 168 Aqt1000, Aqt1000 Firmware, Qca6390 and 165 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT | |||||
| CVE-2021-1905 | 1 Qualcomm | 792 Apq8009, Apq8009 Firmware, Apq8009w and 789 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1898 | 1 Qualcomm | 84 Apq8009, Apq8009 Firmware, Apq8053 and 81 more | 2024-02-28 | 2.1 LOW | 4.6 MEDIUM |
| Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11246 | 1 Qualcomm | 634 Apq8017, Apq8017 Firmware, Apq8037 and 631 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2020-11254 | 1 Qualcomm | 121 Pm6150a, Pm6150l, Pm6350 and 118 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| Memory corruption during buffer allocation due to dereferencing session ctx pointer without checking if pointer is valid in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | |||||
| CVE-2021-1940 | 1 Qualcomm | 134 Aqt1000, Aqt1000 Firmware, Ar8031 and 131 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| Use after free can occur due to improper handling of response from firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11189 | 1 Qualcomm | 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
| Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11199 | 1 Qualcomm | 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11225 | 1 Qualcomm | 405 Apq8064au, Apq8096au, Aqt1000 and 402 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11147 | 1 Qualcomm | 406 Aqt1000, Aqt1000 Firmware, Pm3003a and 403 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2020-11227 | 1 Qualcomm | 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11287 | 1 Qualcomm | 329 Aqt1000, Ar8031, Ar8035 and 326 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11163 | 1 Qualcomm | 500 Apq8017, Apq8017 Firmware, Aqt1000 and 497 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2020-11296 | 1 Qualcomm | 1064 Apq8009, Apq8009 Firmware, Apq8017 and 1061 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11217 | 1 Qualcomm | 193 Pm3003a, Pm4125, Pm6125 and 190 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2020-11179 | 1 Qualcomm | 404 Apq8009, Apq8009w, Apq8017 and 401 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
| Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11148 | 1 Qualcomm | 246 Apq8017, Apq8053, Msm8917 and 243 more | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
| Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2020-11277 | 1 Qualcomm | 322 Pm3003a, Pm3003a Firmware, Pm4250 and 319 more | 2024-02-28 | 6.9 MEDIUM | 7.4 HIGH |
| Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2020-11149 | 1 Qualcomm | 293 Apq8053, Apq8096au, Aqt1000 and 290 more | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
| Out of bound access due to usage of an out-of-range pointer offset in the camera driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11187 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Csrb31024 and 193 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile | |||||