Total
461 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-35077 | 1 Qualcomm | 142 Ar8035, Ar8035 Firmware, Qca6174a and 139 more | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30326 | 1 Qualcomm | 106 Ar8035, Ar8035 Firmware, Qca6390 and 103 more | 2022-02-18 | 5.0 MEDIUM | 7.5 HIGH |
Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30325 | 1 Qualcomm | 318 Apq8096au, Apq8096au Firmware, Ar8031 and 315 more | 2022-02-18 | 4.6 MEDIUM | 6.7 MEDIUM |
Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30324 | 1 Qualcomm | 302 Apq8096au, Apq8096au Firmware, Ar8031 and 299 more | 2022-02-18 | 4.6 MEDIUM | 6.7 MEDIUM |
Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30322 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Ar8035 and 193 more | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30317 | 1 Qualcomm | 228 Aqt1000, Aqt1000 Firmware, Ar8031 and 225 more | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30309 | 1 Qualcomm | 86 Mdm9650, Mdm9650 Firmware, Qca6174a and 83 more | 2022-02-18 | 4.6 MEDIUM | 7.8 HIGH |
Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30318 | 1 Qualcomm | 274 Apq8009w, Apq8009w Firmware, Apq8017 and 271 more | 2022-02-17 | 4.6 MEDIUM | 7.8 HIGH |
Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30353 | 1 Qualcomm | 220 Ar8031, Ar8031 Firmware, Ar8035 and 217 more | 2022-01-18 | 5.0 MEDIUM | 7.5 HIGH |
Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30330 | 1 Qualcomm | 220 Apq8009, Apq8009 Firmware, Apq8009w and 217 more | 2022-01-18 | 5.0 MEDIUM | 7.5 HIGH |
Possible null pointer dereference due to improper validation of APE clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30319 | 1 Qualcomm | 268 Apq8009, Apq8009 Firmware, Apq8017 and 265 more | 2022-01-18 | 7.2 HIGH | 7.8 HIGH |
Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2021-30313 | 1 Qualcomm | 360 Apq8096au, Apq8096au Firmware, Ar8031 and 357 more | 2022-01-18 | 4.4 MEDIUM | 6.4 MEDIUM |
Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30314 | 1 Qualcomm | 148 Qca6390, Qca6390 Firmware, Qca6391 and 145 more | 2022-01-18 | 2.1 LOW | 5.5 MEDIUM |
Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
CVE-2021-30311 | 1 Qualcomm | 134 Ar8035, Ar8035 Firmware, Qca6390 and 131 more | 2022-01-18 | 7.2 HIGH | 7.8 HIGH |
Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30308 | 1 Qualcomm | 172 Aqt1000, Aqt1000 Firmware, Ar8035 and 169 more | 2022-01-18 | 7.2 HIGH | 7.8 HIGH |
Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30285 | 1 Qualcomm | 204 Ar8031, Ar8031 Firmware, Ar8035 and 201 more | 2022-01-14 | 4.6 MEDIUM | 8.8 HIGH |
Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30287 | 1 Qualcomm | 116 Ar8035, Ar8035 Firmware, Qca6390 and 113 more | 2022-01-14 | 5.0 MEDIUM | 7.5 HIGH |
Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30300 | 1 Qualcomm | 220 Apq8009w, Apq8009w Firmware, Apq8017 and 217 more | 2022-01-14 | 5.0 MEDIUM | 7.5 HIGH |
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-30301 | 1 Qualcomm | 100 Ar8035, Ar8035 Firmware, Qca6390 and 97 more | 2022-01-14 | 5.0 MEDIUM | 7.5 HIGH |
Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-30307 | 1 Qualcomm | 172 Ar8035, Ar8035 Firmware, Csrb31024 and 169 more | 2022-01-14 | 5.0 MEDIUM | 7.5 HIGH |
Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT |