Total
763 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-35098 | 1 Qualcomm | 172 Apq8053, Apq8053 Firmware, Apq8096au and 169 more | 2022-06-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30342 | 1 Qualcomm | 190 Apq8009w, Apq8009w Firmware, Apq8017 and 187 more | 2022-06-23 | 7.1 HIGH | 5.9 MEDIUM |
| Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35121 | 1 Qualcomm | 88 Apq8053, Apq8053 Firmware, Msm8953 and 85 more | 2022-06-23 | 4.6 MEDIUM | 6.7 MEDIUM |
| An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35079 | 1 Qualcomm | 122 Apq8053, Apq8053 Firmware, Aqt1000 and 119 more | 2022-06-22 | 2.1 LOW | 5.5 MEDIUM |
| Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35094 | 1 Qualcomm | 162 Aqt1000, Aqt1000 Firmware, Qca6390 and 159 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35081 | 1 Qualcomm | 146 Aqt1000, Aqt1000 Firmware, Ar8035 and 143 more | 2022-06-22 | 10.0 HIGH | 9.8 CRITICAL |
| Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2021-35130 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Qam8295p and 111 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2021-35090 | 1 Qualcomm | 112 Aqt1000, Aqt1000 Firmware, Qca6390 and 109 more | 2022-06-22 | 6.9 MEDIUM | 7.8 HIGH |
| Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35101 | 1 Qualcomm | 48 Aqt1000, Aqt1000 Firmware, Qca6390 and 45 more | 2022-06-22 | 4.9 MEDIUM | 6.5 MEDIUM |
| Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile | |||||
| CVE-2022-22068 | 1 Qualcomm | 232 Apq8053, Apq8053 Firmware, Aqt1000 and 229 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2022-22071 | 1 Qualcomm | 180 Apq8053, Apq8053 Firmware, Ar8031 and 177 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2020-11182 | 1 Qualcomm | 536 Aqt1000, Aqt1000 Firmware, Pm3003a and 533 more | 2022-05-03 | 10.0 HIGH | 9.8 CRITICAL |
| Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2020-11176 | 1 Qualcomm | 198 Apq8017, Apq8017 Firmware, Apq8053 and 195 more | 2022-05-03 | 10.0 HIGH | 9.8 CRITICAL |
| While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile | |||||
| CVE-2020-11165 | 1 Qualcomm | 510 Aqt1000, Aqt1000 Firmware, Ar8035 and 507 more | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
| Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11236 | 1 Qualcomm | 340 Csrb31024, Csrb31024 Firmware, Pm3003a and 337 more | 2022-05-03 | 7.8 HIGH | 5.5 MEDIUM |
| Memory corruption due to invalid value of total dimension in the non-histogram type KPI could lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | |||||
| CVE-2021-35117 | 1 Qualcomm | 204 Apq8096au, Apq8096au Firmware, Aqt1000 and 201 more | 2022-04-09 | 9.4 HIGH | 9.1 CRITICAL |
| An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2021-1950 | 1 Qualcomm | 184 Ar8035, Ar8035 Firmware, Csr8811 and 181 more | 2022-04-08 | 7.2 HIGH | 7.8 HIGH |
| Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30325 | 1 Qualcomm | 318 Apq8096au, Apq8096au Firmware, Ar8031 and 315 more | 2022-02-18 | 4.6 MEDIUM | 6.7 MEDIUM |
| Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30324 | 1 Qualcomm | 302 Apq8096au, Apq8096au Firmware, Ar8031 and 299 more | 2022-02-18 | 4.6 MEDIUM | 6.7 MEDIUM |
| Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30323 | 1 Qualcomm | 202 Apq8009w, Apq8009w Firmware, Apq8017 and 199 more | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
| Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||