Total
669 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-22084 | 1 Qualcomm | 305 Apq8009, Apq8009 Firmware, Apq8009w and 302 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30333 | 1 Qualcomm | 258 Apq8009w, Apq8009w Firmware, Apq8017 and 255 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30291 | 1 Qualcomm | 180 Apq8017, Apq8017 Firmware, Apq8053 and 177 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||||
CVE-2021-30293 | 1 Qualcomm | 152 Ar6003, Ar6003 Firmware, Ar8035 and 149 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | |||||
CVE-2021-1976 | 1 Qualcomm | 494 Apq8009, Apq8009 Firmware, Apq8009w and 491 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30261 | 1 Qualcomm | 364 Apq8009, Apq8009 Firmware, Apq8009w and 361 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30258 | 1 Qualcomm | 194 Apq8017, Apq8017 Firmware, Apq8053 and 191 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||||
CVE-2020-11303 | 1 Qualcomm | 182 Apq8009, Apq8009 Firmware, Apq8053 and 179 more | 2024-02-28 | 5.0 MEDIUM | 8.6 HIGH |
Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-1924 | 1 Qualcomm | 634 Apq8009, Apq8009 Firmware, Apq8009w and 631 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30351 | 1 Qualcomm | 392 Apq8009, Apq8009 Firmware, Apq8009w and 389 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-1963 | 1 Qualcomm | 224 Apq8009w, Apq8009w Firmware, Apq8096au and 221 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-1985 | 1 Qualcomm | 190 Apq8017, Apq8017 Firmware, Apq8053 and 187 more | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
Possible buffer over read due to lack of data length check in QVR Service configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||||
CVE-2021-1935 | 1 Qualcomm | 352 Apq8009, Apq8009 Firmware, Apq8017 and 349 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30260 | 1 Qualcomm | 516 Apq8009, Apq8009 Firmware, Apq8017 and 513 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30288 | 1 Qualcomm | 392 Apq8009, Apq8009 Firmware, Apq8053 and 389 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-1973 | 1 Qualcomm | 394 Apq8009, Apq8009 Firmware, Apq8009w and 391 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-1948 | 1 Qualcomm | 436 Apq8053, Apq8053 Firmware, Apq8064au and 433 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30284 | 1 Qualcomm | 292 Apq8009, Apq8009 Firmware, Apq8009w and 289 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30310 | 1 Qualcomm | 172 Apq8009, Apq8009 Firmware, Apq8017 and 169 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2021-30300 | 1 Qualcomm | 220 Apq8009w, Apq8009w Firmware, Apq8017 and 217 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables |