Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Qualcomm Subscribe
Filtered by product Qcs405
Total 478 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11293 1 Qualcomm 678 Apq8017, Apq8017 Firmware, Apq8037 and 675 more 2021-05-12 3.6 LOW 6.0 MEDIUM
Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2021-1895 1 Qualcomm 828 Apq8009w, Apq8009w Firmware, Apq8017 and 825 more 2021-05-12 7.2 HIGH 7.8 HIGH
Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
CVE-2020-11289 1 Qualcomm 992 Apq8009, Apq8009 Firmware, Apq8017 and 989 more 2021-05-12 7.2 HIGH 7.8 HIGH
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11288 1 Qualcomm 636 Aqt1000, Aqt1000 Firmware, Ar8031 and 633 more 2021-05-12 7.2 HIGH 7.8 HIGH
Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2021-1905 1 Qualcomm 792 Apq8009, Apq8009 Firmware, Apq8009w and 789 more 2021-05-12 7.2 HIGH 7.8 HIGH
Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2021-1906 1 Qualcomm 800 Apq8009, Apq8009 Firmware, Apq8009w and 797 more 2021-05-12 2.1 LOW 5.5 MEDIUM
Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11234 1 Qualcomm 674 Apq8009, Apq8009 Firmware, Apq8009w and 671 more 2021-04-12 7.2 HIGH 7.8 HIGH
When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting in a Use After Free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11252 1 Qualcomm 620 Aqt1000, Aqt1000 Firmware, Ar8031 and 617 more 2021-04-12 4.7 MEDIUM 5.5 MEDIUM
Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11245 1 Qualcomm 404 Aqt1000, Aqt1000 Firmware, Ar8035 and 401 more 2021-04-12 7.2 HIGH 7.8 HIGH
Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2020-11308 1 Qualcomm 666 Apq8009, Apq8009 Firmware, Aqt1000 and 663 more 2021-03-25 7.2 HIGH 6.8 MEDIUM
Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size is more than required in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2020-11309 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2021-03-25 7.2 HIGH 7.8 HIGH
Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11299 1 Qualcomm 762 Apq8009, Apq8009 Firmware, Apq8009w and 759 more 2021-03-24 10.0 HIGH 9.8 CRITICAL
Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11290 1 Qualcomm 656 Apq8009, Apq8009 Firmware, Apq8009w and 653 more 2021-03-24 6.9 MEDIUM 7.0 HIGH
Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2020-11220 1 Qualcomm 262 Aqt1000, Aqt1000 Firmware, Ar8035 and 259 more 2021-03-18 4.4 MEDIUM 6.4 MEDIUM
While processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a specific time while executing the storage SCM call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2020-11272 1 Qualcomm 696 Apq8009, Apq8009 Firmware, Apq8009w and 693 more 2021-03-08 10.0 HIGH 9.8 CRITICAL
Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11275 1 Qualcomm 942 Apq8009, Apq8009 Firmware, Apq8017 and 939 more 2021-03-08 9.4 HIGH 9.1 CRITICAL
Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11269 1 Qualcomm 1074 Apq8009, Apq8009 Firmware, Apq8009w and 1071 more 2021-03-08 8.3 HIGH 8.8 HIGH
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11271 1 Qualcomm 680 Aqt1000, Aqt1000 Firmware, Ar8031 and 677 more 2021-03-03 7.2 HIGH 7.8 HIGH
Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11276 1 Qualcomm 1028 Apq8009, Apq8009 Firmware, Apq8017 and 1025 more 2021-03-02 9.4 HIGH 9.1 CRITICAL
Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11278 1 Qualcomm 754 Aqt1000, Aqt1000 Firmware, Ar8031 and 751 more 2021-03-02 7.8 HIGH 7.5 HIGH
Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking