Vulnerabilities (CVE)

Filtered by vendor Qualcomm Subscribe
Filtered by product Pm660
Total 106 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11182 1 Qualcomm 536 Aqt1000, Aqt1000 Firmware, Pm3003a and 533 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11179 1 Qualcomm 404 Apq8009, Apq8009w, Apq8017 and 401 more 2024-11-21 6.9 MEDIUM 7.0 HIGH
Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11178 1 Qualcomm 574 Aqt1000, Aqt1000 Firmware, Ar8031 and 571 more 2024-11-21 7.2 HIGH 7.8 HIGH
Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11177 1 Qualcomm 814 Apq8009, Apq8009 Firmware, Apq8009w and 811 more 2024-11-21 7.2 HIGH 8.8 HIGH
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11171 1 Qualcomm 770 Apq8009, Apq8009 Firmware, Apq8009w and 767 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11170 1 Qualcomm 1010 Apq8009, Apq8009 Firmware, Apq8009w and 1007 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11167 1 Qualcomm 286 Apq8009w, Apq8017, Apq8037 and 283 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11166 1 Qualcomm 816 Apq8009, Apq8009 Firmware, Apq8009w and 813 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11165 1 Qualcomm 510 Aqt1000, Aqt1000 Firmware, Ar8035 and 507 more 2024-11-21 7.2 HIGH 7.8 HIGH
Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2020-11159 1 Qualcomm 1006 Apq8009, Apq8009 Firmware, Apq8017 and 1003 more 2024-11-21 9.4 HIGH 9.1 CRITICAL
Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11152 1 Qualcomm 160 Apq8009w, Apq8017, Apq8037 and 157 more 2024-11-21 6.9 MEDIUM 6.4 MEDIUM
Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11150 1 Qualcomm 280 Aqt1000, Ar8031, Ar8035 and 277 more 2024-11-21 7.2 HIGH 6.7 MEDIUM
Out of bound memory access in camera driver due to improper validation on data coming from UMD which is used for offset manipulation of pointer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11149 1 Qualcomm 293 Apq8053, Apq8096au, Aqt1000 and 290 more 2024-11-21 7.2 HIGH 6.7 MEDIUM
Out of bound access due to usage of an out-of-range pointer offset in the camera driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11148 1 Qualcomm 246 Apq8017, Apq8053, Msm8917 and 243 more 2024-11-21 7.2 HIGH 6.7 MEDIUM
Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2020-11147 1 Qualcomm 406 Aqt1000, Aqt1000 Firmware, Pm3003a and 403 more 2024-11-21 4.6 MEDIUM 6.7 MEDIUM
Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11146 1 Qualcomm 314 Apq8076, Aqt1000, Ar8031 and 311 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11145 1 Qualcomm 413 Apq8009, Apq8009w, Apq8017 and 410 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11144 1 Qualcomm 414 Apq8009, Apq8009w, Apq8017 and 411 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11143 1 Qualcomm 494 Apq8009, Apq8017, Apq8030 and 491 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Out of bound memory access during music playback with modified content due to copying data without checking destination buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11140 1 Qualcomm 449 Apq8017, Apq8037, Apq8052 and 446 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking