Total
720 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-30344 | 1 Qualcomm | 294 Apq8009w, Apq8009w Firmware, Apq8017 and 291 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30343 | 1 Qualcomm | 128 Ar8035, Ar8035 Firmware, Qca6390 and 125 more | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-35111 | 1 Qualcomm | 75 Ar8035, Ar8035 Firmware, Qca6390 and 72 more | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile | |||||
CVE-2021-35076 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Qca6390 and 111 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-35086 | 1 Qualcomm | 110 Ar8035, Ar8035 Firmware, Qca6390 and 107 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30347 | 1 Qualcomm | 128 Ar8035, Ar8035 Firmware, Qca6390 and 125 more | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-35084 | 1 Qualcomm | 184 Aqt1000, Aqt1000 Firmware, Ar8031 and 181 more | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2021-35071 | 1 Qualcomm | 342 Aqt1000, Aqt1000 Firmware, Ar8035 and 339 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-35102 | 1 Qualcomm | 135 Ar8035, Ar8035 Firmware, Qca6390 and 132 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | |||||
CVE-2021-35106 | 1 Qualcomm | 224 Aqt1000, Aqt1000 Firmware, Ar8031 and 221 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2022-22057 | 1 Qualcomm | 160 Apq8053, Apq8053 Firmware, Ar8035 and 157 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
CVE-2021-35101 | 1 Qualcomm | 48 Aqt1000, Aqt1000 Firmware, Qca6390 and 45 more | 2024-02-28 | 4.9 MEDIUM | 6.5 MEDIUM |
Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile | |||||
CVE-2021-30331 | 1 Qualcomm | 154 Ar8035, Ar8035 Firmware, Fsm10055 and 151 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
CVE-2021-35083 | 1 Qualcomm | 347 Apq8009, Apq8009 Firmware, Apq8009w and 344 more | 2024-02-28 | 9.4 HIGH | 9.1 CRITICAL |
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2022-22071 | 1 Qualcomm | 180 Apq8053, Apq8053 Firmware, Ar8031 and 177 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2022-22090 | 1 Qualcomm | 45 Sd865 5g, Sd865 5g Firmware, Sd888 5g and 42 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | |||||
CVE-2021-35092 | 1 Qualcomm | 166 Apq8053, Apq8053 Firmware, Apq8096au and 163 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2021-35094 | 1 Qualcomm | 162 Aqt1000, Aqt1000 Firmware, Qca6390 and 159 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30317 | 1 Qualcomm | 228 Aqt1000, Aqt1000 Firmware, Ar8031 and 225 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-35117 | 1 Qualcomm | 204 Apq8096au, Apq8096au Firmware, Aqt1000 and 201 more | 2024-02-28 | 9.4 HIGH | 9.1 CRITICAL |
An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |