Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Qualcomm Subscribe
Filtered by product Sd429
Total 207 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11199 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2021-03-18 2.1 LOW 5.5 MEDIUM
HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11221 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2021-03-18 2.1 LOW 5.5 MEDIUM
Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11190 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2021-03-17 6.4 MEDIUM 9.1 CRITICAL
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11272 1 Qualcomm 696 Apq8009, Apq8009 Firmware, Apq8009w and 693 more 2021-03-08 10.0 HIGH 9.8 CRITICAL
Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11269 1 Qualcomm 1074 Apq8009, Apq8009 Firmware, Apq8009w and 1071 more 2021-03-08 8.3 HIGH 8.8 HIGH
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11203 1 Qualcomm 286 Apq8009w, Apq8009w Firmware, Apq8064au and 283 more 2021-03-01 3.6 LOW 7.1 HIGH
Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2020-11283 1 Qualcomm 379 Apq8009, Apq8009w, Apq8017 and 376 more 2021-02-26 7.5 HIGH 9.8 CRITICAL
A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11170 1 Qualcomm 1010 Apq8009, Apq8009 Firmware, Apq8009w and 1007 more 2021-02-26 10.0 HIGH 9.8 CRITICAL
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11177 1 Qualcomm 814 Apq8009, Apq8009 Firmware, Apq8009w and 811 more 2021-02-26 7.2 HIGH 8.8 HIGH
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11163 1 Qualcomm 500 Apq8017, Apq8017 Firmware, Aqt1000 and 497 more 2021-02-26 10.0 HIGH 9.8 CRITICAL
Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11213 1 Qualcomm 555 Apq8009, Apq8009w, Apq8016 and 552 more 2021-02-01 7.5 HIGH 9.8 CRITICAL
Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11179 1 Qualcomm 404 Apq8009, Apq8009w, Apq8017 and 401 more 2021-02-01 6.9 MEDIUM 7.0 HIGH
Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-3686 1 Qualcomm 492 Apq8009, Apq8009w, Apq8017 and 489 more 2021-01-29 10.0 HIGH 9.8 CRITICAL
Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-3691 1 Qualcomm 506 Apq8009, Apq8009w, Apq8017 and 503 more 2021-01-29 10.0 HIGH 9.8 CRITICAL
Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-3685 1 Qualcomm 506 Apq8009, Apq8009w, Apq8017 and 503 more 2021-01-29 7.8 HIGH 7.5 HIGH
Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11212 1 Qualcomm 541 Apq8009, Apq8016, Apq8017 and 538 more 2021-01-29 7.5 HIGH 9.8 CRITICAL
Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11197 1 Qualcomm 370 Apq8009, Apq8009w, Apq8017 and 367 more 2021-01-29 7.5 HIGH 9.8 CRITICAL
Possible integer overflow can occur when stream info update is called when total number of streams detected are zero while parsing TS clip with invalid data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11149 1 Qualcomm 293 Apq8053, Apq8096au, Aqt1000 and 290 more 2021-01-29 7.2 HIGH 6.7 MEDIUM
Out of bound access due to usage of an out-of-range pointer offset in the camera driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11148 1 Qualcomm 246 Apq8017, Apq8053, Msm8917 and 243 more 2021-01-29 7.2 HIGH 6.7 MEDIUM
Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2020-11146 1 Qualcomm 314 Apq8076, Aqt1000, Ar8031 and 311 more 2021-01-29 4.6 MEDIUM 7.8 HIGH
Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables