Total
417 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-11270 | 1 Qualcomm | 830 Aqt1000, Aqt1000 Firmware, Ar7420 and 827 more | 2021-03-02 | 7.8 HIGH | 7.5 HIGH |
Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11280 | 1 Qualcomm | 824 Aqt1000, Aqt1000 Firmware, Ar7420 and 821 more | 2021-03-02 | 7.8 HIGH | 7.5 HIGH |
Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11281 | 1 Qualcomm | 694 Aqt1000, Aqt1000 Firmware, Ar8031 and 691 more | 2021-03-02 | 5.0 MEDIUM | 7.5 HIGH |
Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11297 | 1 Qualcomm | 526 Apq8096au, Apq8096au Firmware, Aqt1000 and 523 more | 2021-03-02 | 7.8 HIGH | 7.5 HIGH |
Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2020-3664 | 1 Qualcomm | 630 Aqt1000, Aqt1000 Firmware, Ar8031 and 627 more | 2021-03-02 | 3.6 LOW | 6.0 MEDIUM |
Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11203 | 1 Qualcomm | 286 Apq8009w, Apq8009w Firmware, Apq8064au and 283 more | 2021-03-01 | 3.6 LOW | 7.1 HIGH |
Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
CVE-2020-11223 | 1 Qualcomm | 404 Aqt1000, Aqt1000 Firmware, Pm3003a and 401 more | 2021-02-26 | 7.2 HIGH | 7.8 HIGH |
Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
CVE-2020-11187 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Csrb31024 and 193 more | 2021-02-26 | 7.2 HIGH | 7.8 HIGH |
Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile | |||||
CVE-2020-11283 | 1 Qualcomm | 379 Apq8009, Apq8009w, Apq8017 and 376 more | 2021-02-26 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11170 | 1 Qualcomm | 1010 Apq8009, Apq8009 Firmware, Apq8009w and 1007 more | 2021-02-26 | 10.0 HIGH | 9.8 CRITICAL |
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11177 | 1 Qualcomm | 814 Apq8009, Apq8009 Firmware, Apq8009w and 811 more | 2021-02-26 | 7.2 HIGH | 8.8 HIGH |
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11296 | 1 Qualcomm | 532 Apq8009, Apq8017, Apq8053 and 529 more | 2021-02-26 | 5.0 MEDIUM | 7.5 HIGH |
Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11163 | 1 Qualcomm | 500 Apq8017, Apq8017 Firmware, Aqt1000 and 497 more | 2021-02-26 | 10.0 HIGH | 9.8 CRITICAL |
Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2020-11214 | 1 Qualcomm | 349 Aqt1000, Ar8031, Ar8035 and 346 more | 2021-02-01 | 5.0 MEDIUM | 7.5 HIGH |
Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11213 | 1 Qualcomm | 555 Apq8009, Apq8009w, Apq8016 and 552 more | 2021-02-01 | 7.5 HIGH | 9.8 CRITICAL |
Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11179 | 1 Qualcomm | 404 Apq8009, Apq8009w, Apq8017 and 401 more | 2021-02-01 | 6.9 MEDIUM | 7.0 HIGH |
Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11180 | 1 Qualcomm | 158 Aqt1000, Pm3003a, Pm6150 and 155 more | 2021-01-29 | 7.2 HIGH | 7.8 HIGH |
Out of bound access in computer vision control due to improper validation of command length before processing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2020-11150 | 1 Qualcomm | 280 Aqt1000, Ar8031, Ar8035 and 277 more | 2021-01-29 | 7.2 HIGH | 6.7 MEDIUM |
Out of bound memory access in camera driver due to improper validation on data coming from UMD which is used for offset manipulation of pointer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-3686 | 1 Qualcomm | 492 Apq8009, Apq8009w, Apq8017 and 489 more | 2021-01-29 | 10.0 HIGH | 9.8 CRITICAL |
Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-3691 | 1 Qualcomm | 506 Apq8009, Apq8009w, Apq8017 and 503 more | 2021-01-29 | 10.0 HIGH | 9.8 CRITICAL |
Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |