Total
616 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-1901 | 1 Qualcomm | 84 Apq8009, Apq8009 Firmware, Apq8053 and 81 more | 2024-02-28 | 2.1 LOW | 4.6 MEDIUM |
Possible buffer over-read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11289 | 1 Qualcomm | 992 Apq8009, Apq8009 Firmware, Apq8017 and 989 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11165 | 1 Qualcomm | 510 Aqt1000, Aqt1000 Firmware, Ar8035 and 507 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11291 | 1 Qualcomm | 192 Apq8017, Apq8017 Firmware, Apq8053 and 189 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile | |||||
CVE-2021-1906 | 1 Qualcomm | 800 Apq8009, Apq8009 Firmware, Apq8009w and 797 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-1890 | 1 Qualcomm | 316 Apq8017, Apq8017 Firmware, Apq8037 and 313 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-1943 | 1 Qualcomm | 354 Apq8053, Apq8053 Firmware, Aqt1000 and 351 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11295 | 1 Qualcomm | 346 Fsm10055, Fsm10055 Firmware, Fsm10056 and 343 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2020-11252 | 1 Qualcomm | 620 Aqt1000, Aqt1000 Firmware, Ar8031 and 617 more | 2024-02-28 | 4.7 MEDIUM | 5.5 MEDIUM |
Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-1886 | 1 Qualcomm | 316 Apq8017, Apq8017 Firmware, Apq8037 and 313 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11231 | 1 Qualcomm | 430 Apq8017, Apq8017 Firmware, Apq8053 and 427 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2020-11237 | 1 Qualcomm | 330 Csrb31024, Csrb31024 Firmware, Pm3003a and 327 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | |||||
CVE-2020-11161 | 1 Qualcomm | 452 Apq8053, Apq8053 Firmware, Apq8064au and 449 more | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2021-1970 | 1 Qualcomm | 236 Apq8053, Apq8053 Firmware, Aqt1000 and 233 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Possible out of bound read due to lack of length check of FT sub-elements in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2021-1920 | 1 Qualcomm | 342 Apq8009, Apq8009 Firmware, Apq8009w and 339 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11250 | 1 Qualcomm | 720 Apq8009w, Apq8009w Firmware, Apq8017 and 717 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11247 | 1 Qualcomm | 638 Apq8009, Apq8009 Firmware, Apq8009w and 635 more | 2024-02-28 | 9.4 HIGH | 9.1 CRITICAL |
Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11298 | 1 Qualcomm | 222 Aqt1000, Aqt1000 Firmware, Ar8031 and 219 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11160 | 1 Qualcomm | 290 Apq8096au, Apq8096au Firmware, Aqt1000 and 287 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11234 | 1 Qualcomm | 674 Apq8009, Apq8009 Firmware, Apq8009w and 671 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting in a Use After Free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |