Vulnerabilities (CVE)

Filtered by vendor Qualcomm Subscribe
Total 2008 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11295 1 Qualcomm 346 Fsm10055, Fsm10055 Firmware, Fsm10056 and 343 more 2024-11-21 4.6 MEDIUM 6.8 MEDIUM
Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11294 1 Qualcomm 488 Ar8035, Ar8035 Firmware, Pm215 and 485 more 2024-11-21 4.6 MEDIUM 5.9 MEDIUM
Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2020-11293 1 Qualcomm 678 Apq8017, Apq8017 Firmware, Apq8037 and 675 more 2024-11-21 3.6 LOW 5.1 MEDIUM
Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11292 1 Qualcomm 354 Apq8009, Apq8009 Firmware, Apq8009w and 351 more 2024-11-21 7.2 HIGH 7.8 HIGH
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11291 1 Qualcomm 192 Apq8017, Apq8017 Firmware, Apq8053 and 189 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile
CVE-2020-11290 1 Qualcomm 656 Apq8009, Apq8009 Firmware, Apq8009w and 653 more 2024-11-21 6.9 MEDIUM 7.0 HIGH
Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2020-11289 1 Qualcomm 992 Apq8009, Apq8009 Firmware, Apq8017 and 989 more 2024-11-21 7.2 HIGH 7.8 HIGH
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11288 1 Qualcomm 636 Aqt1000, Aqt1000 Firmware, Ar8031 and 633 more 2024-11-21 7.2 HIGH 7.8 HIGH
Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2020-11287 1 Qualcomm 329 Aqt1000, Ar8031, Ar8035 and 326 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11286 1 Qualcomm 135 Apq8009, Apq8009w, Apq8017 and 132 more 2024-11-21 4.6 MEDIUM 6.8 MEDIUM
An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11285 1 Qualcomm 800 Apq8009, Apq8009 Firmware, Apq8009w and 797 more 2024-11-21 9.4 HIGH 8.2 HIGH
Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11284 1 Qualcomm 262 Aqt1000, Aqt1000 Firmware, Ar8035 and 259 more 2024-11-21 7.2 HIGH 8.4 HIGH
Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2020-11283 1 Qualcomm 379 Apq8009, Apq8009w, Apq8017 and 376 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11282 1 Qualcomm 425 Apq8009, Apq8009w, Apq8017 and 422 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Improper access control when using mmap with the kgsl driver with a special offset value that can be provided to map the memstore of the GPU to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11281 1 Qualcomm 694 Aqt1000, Aqt1000 Firmware, Ar8031 and 691 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11280 1 Qualcomm 824 Aqt1000, Aqt1000 Firmware, Ar7420 and 821 more 2024-11-21 7.8 HIGH 7.5 HIGH
Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11279 1 Qualcomm 816 Apq8009, Apq8009 Firmware, Apq8009w and 813 more 2024-11-21 10.0 HIGH 7.5 HIGH
Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11278 1 Qualcomm 754 Aqt1000, Aqt1000 Firmware, Ar8031 and 751 more 2024-11-21 7.8 HIGH 7.5 HIGH
Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11277 1 Qualcomm 322 Pm3003a, Pm3003a Firmware, Pm4250 and 319 more 2024-11-21 6.9 MEDIUM 7.4 HIGH
Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11276 1 Qualcomm 1028 Apq8009, Apq8009 Firmware, Apq8017 and 1025 more 2024-11-21 9.4 HIGH 9.1 CRITICAL
Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking