Total
428 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-30269 | 1 Qualcomm | 234 Ar8031, Ar8031 Firmware, Ar8035 and 231 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30268 | 1 Qualcomm | 274 Apq8009w, Apq8009w Firmware, Apq8017 and 271 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-1894 | 1 Qualcomm | 234 Ar8031, Ar8031 Firmware, Ar8035 and 231 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30272 | 1 Qualcomm | 392 Apq8009w, Apq8009w Firmware, Apq8017 and 389 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30271 | 1 Qualcomm | 332 Apq8009w, Apq8009w Firmware, Apq8017 and 329 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30270 | 1 Qualcomm | 310 Apq8009w, Apq8009w Firmware, Apq8017 and 307 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30348 | 1 Qualcomm | 282 Apq8017, Apq8017 Firmware, Apq8064au and 279 more | 2022-01-12 | 3.3 LOW | 6.5 MEDIUM |
Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2021-30337 | 1 Qualcomm | 420 Apq8009, Apq8009 Firmware, Apq8009w and 417 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30336 | 1 Qualcomm | 144 Qca6390, Qca6390 Firmware, Qca6391 and 141 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables | |||||
CVE-2021-30335 | 1 Qualcomm | 348 Apq8009w, Apq8009w Firmware, Aqt1000 and 345 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30303 | 1 Qualcomm | 478 Apq8009, Apq8009 Firmware, Apq8017 and 475 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30298 | 1 Qualcomm | 122 Ar8031, Ar8031 Firmware, Ar8035 and 119 more | 2022-01-12 | 4.6 MEDIUM | 7.8 HIGH |
Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30293 | 1 Qualcomm | 152 Ar6003, Ar6003 Firmware, Ar8035 and 149 more | 2022-01-12 | 5.0 MEDIUM | 7.5 HIGH |
Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | |||||
CVE-2021-30351 | 1 Qualcomm | 392 Apq8009, Apq8009 Firmware, Apq8009w and 389 more | 2022-01-12 | 7.5 HIGH | 9.8 CRITICAL |
An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30282 | 1 Qualcomm | 250 Ar8031, Ar8031 Firmware, Ar8035 and 247 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30279 | 1 Qualcomm | 124 Ar8035, Ar8035 Firmware, Qca6390 and 121 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30278 | 1 Qualcomm | 252 Ar8031, Ar8031 Firmware, Ar8035 and 249 more | 2022-01-12 | 2.1 LOW | 5.5 MEDIUM |
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30274 | 1 Qualcomm | 252 Ar8031, Ar8031 Firmware, Ar8035 and 249 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30275 | 1 Qualcomm | 254 Ar8031, Ar8031 Firmware, Ar8035 and 251 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-30262 | 1 Qualcomm | 210 Apq8009w, Apq8009w Firmware, Aqt1000 and 207 more | 2022-01-11 | 4.6 MEDIUM | 7.8 HIGH |
Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |