Total
617 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30306 | 1 Qualcomm | 130 Apq8053, Apq8053 Firmware, Msm8953 and 127 more | 2021-10-26 | 3.6 LOW | 7.1 HIGH |
| Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-30305 | 1 Qualcomm | 82 Qca6174a, Qca6174a Firmware, Qca6391 and 79 more | 2021-10-26 | 4.6 MEDIUM | 7.8 HIGH |
| Possible out of bound access due to lack of validation of page offset before page is inserted in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-30302 | 1 Qualcomm | 248 Aqt1000, Aqt1000 Firmware, Ar8035 and 245 more | 2021-10-26 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30288 | 1 Qualcomm | 392 Apq8009, Apq8009 Firmware, Apq8053 and 389 more | 2021-10-26 | 7.2 HIGH | 7.8 HIGH |
| Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1980 | 1 Qualcomm | 438 Apq8053, Apq8053 Firmware, Apq8064au and 435 more | 2021-10-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1977 | 1 Qualcomm | 256 Apq8009, Apq8009 Firmware, Apq8017 and 253 more | 2021-10-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2021-1967 | 1 Qualcomm | 220 Apq8009, Apq8009 Firmware, Apq8053 and 217 more | 2021-10-26 | 4.6 MEDIUM | 5.3 MEDIUM |
| Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN Match event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1966 | 1 Qualcomm | 130 Aqt1000, Aqt1000 Firmware, Ar8031 and 127 more | 2021-10-26 | 4.6 MEDIUM | 6.7 MEDIUM |
| Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2021-1959 | 1 Qualcomm | 376 Apq8009, Apq8009 Firmware, Apq8009w and 373 more | 2021-10-26 | 7.2 HIGH | 7.8 HIGH |
| Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1913 | 1 Qualcomm | 162 Aqt1000, Aqt1000 Firmware, Ar8035 and 159 more | 2021-10-26 | 7.2 HIGH | 8.4 HIGH |
| Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11303 | 1 Qualcomm | 182 Apq8009, Apq8009 Firmware, Apq8053 and 179 more | 2021-10-26 | 5.0 MEDIUM | 8.6 HIGH |
| Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30260 | 1 Qualcomm | 516 Apq8009, Apq8009 Firmware, Apq8017 and 513 more | 2021-10-20 | 4.6 MEDIUM | 7.8 HIGH |
| Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1947 | 1 Qualcomm | 174 Apq8009w, Apq8009w Firmware, Apq8053 and 171 more | 2021-09-28 | 7.2 HIGH | 7.8 HIGH |
| Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1946 | 1 Qualcomm | 196 Apq8017, Apq8017 Firmware, Apq8053 and 193 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-1948 | 1 Qualcomm | 436 Apq8053, Apq8053 Firmware, Apq8064au and 433 more | 2021-09-22 | 7.8 HIGH | 7.5 HIGH |
| Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1941 | 1 Qualcomm | 430 Apq8064au, Apq8064au Firmware, Apq8096au and 427 more | 2021-09-22 | 7.8 HIGH | 7.5 HIGH |
| Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1974 | 1 Qualcomm | 380 Aqt1000, Aqt1000 Firmware, Ar8035 and 377 more | 2021-09-22 | 5.0 MEDIUM | 7.5 HIGH |
| Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1960 | 1 Qualcomm | 276 Aqt1000, Aqt1000 Firmware, Ar8031 and 273 more | 2021-09-22 | 3.3 LOW | 6.5 MEDIUM |
| Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1957 | 1 Qualcomm | 92 Apq8017, Apq8017 Firmware, Qca6174a and 89 more | 2021-09-22 | 3.3 LOW | 6.5 MEDIUM |
| Improper Access Control when ACL link encryption is failed and ACL link is not disconnected during reconnection with paired device in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2021-1956 | 1 Qualcomm | 84 Aqt1000, Aqt1000 Firmware, Ar8035 and 81 more | 2021-09-22 | 3.3 LOW | 6.5 MEDIUM |
| Improper handling of ASB-U packet with L2CAP channel ID by slave host can lead to interference with piconet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||