Total
159 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-1943 | 1 Qualcomm | 354 Apq8053, Apq8053 Firmware, Aqt1000 and 351 more | 2021-07-15 | 5.0 MEDIUM | 7.5 HIGH |
Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-1887 | 1 Qualcomm | 78 Ar7420, Ar7420 Firmware, Ar9380 and 75 more | 2021-07-15 | 5.0 MEDIUM | 7.5 HIGH |
An assertion can be reached in the WLAN subsystem while using the Wi-Fi Fine Timing Measurement protocol in Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-1938 | 1 Qualcomm | 414 Aqt1000, Aqt1000 Firmware, Ar8031 and 411 more | 2021-07-15 | 5.0 MEDIUM | 7.5 HIGH |
Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-1954 | 1 Qualcomm | 300 Apq8053, Apq8053 Firmware, Aqt1000 and 297 more | 2021-07-15 | 5.0 MEDIUM | 7.5 HIGH |
Possible buffer over read due to improper validation of data pointer while parsing FILS indication IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11306 | 1 Qualcomm | 164 Aqt1000, Aqt1000 Firmware, Ar8035 and 161 more | 2021-06-17 | 4.6 MEDIUM | 7.8 HIGH |
Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-1937 | 1 Qualcomm | 372 Aqt1000, Aqt1000 Firmware, Ar8031 and 369 more | 2021-06-17 | 5.0 MEDIUM | 7.5 HIGH |
Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11298 | 1 Qualcomm | 222 Aqt1000, Aqt1000 Firmware, Ar8031 and 219 more | 2021-06-17 | 6.9 MEDIUM | 7.0 HIGH |
While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11304 | 1 Qualcomm | 318 Apq8009, Apq8009 Firmware, Apq8096au and 315 more | 2021-06-17 | 3.6 LOW | 7.1 HIGH |
Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11267 | 1 Qualcomm | 542 Apq8009, Apq8009 Firmware, Apq8009w and 539 more | 2021-06-17 | 4.6 MEDIUM | 7.8 HIGH |
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11265 | 1 Qualcomm | 52 Ar7420, Ar7420 Firmware, Ar9580 and 49 more | 2021-06-17 | 2.1 LOW | 5.5 MEDIUM |
Information disclosure issue due to lack of validation of pointer arguments passed to TZ BSP in Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11266 | 1 Qualcomm | 52 Ar7420, Ar7420 Firmware, Ar9580 and 49 more | 2021-06-16 | 2.1 LOW | 6.5 MEDIUM |
Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11258 | 1 Qualcomm | 52 Ar7420, Ar7420 Firmware, Ar9580 and 49 more | 2021-06-16 | 7.2 HIGH | 8.8 HIGH |
Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11257 | 1 Qualcomm | 52 Ar7420, Ar7420 Firmware, Ar9580 and 49 more | 2021-06-16 | 7.2 HIGH | 8.8 HIGH |
Memory corruption due to lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11256 | 1 Qualcomm | 52 Ar7420, Ar7420 Firmware, Ar9580 and 49 more | 2021-06-16 | 7.2 HIGH | 8.8 HIGH |
Memory corruption due to lack of check of validation of pointer to buffer passed to trustzone in Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11259 | 1 Qualcomm | 52 Ar7420, Ar7420 Firmware, Ar9580 and 49 more | 2021-06-16 | 7.2 HIGH | 8.8 HIGH |
Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11238 | 1 Qualcomm | 804 Aqt1000, Aqt1000 Firmware, Ar8031 and 801 more | 2021-06-15 | 7.8 HIGH | 7.5 HIGH |
Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11235 | 1 Qualcomm | 1076 Apq8009, Apq8009 Firmware, Apq8017 and 1073 more | 2021-06-15 | 7.2 HIGH | 7.8 HIGH |
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11159 | 1 Qualcomm | 1006 Apq8009, Apq8009 Firmware, Apq8017 and 1003 more | 2021-06-15 | 9.4 HIGH | 9.1 CRITICAL |
Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11134 | 1 Qualcomm | 650 Aqt1000, Aqt1000 Firmware, Ar8031 and 647 more | 2021-06-15 | 10.0 HIGH | 9.8 CRITICAL |
Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11178 | 1 Qualcomm | 574 Aqt1000, Aqt1000 Firmware, Ar8031 and 571 more | 2021-06-15 | 7.2 HIGH | 7.8 HIGH |
Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking |