Total
551 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-35116 | 1 Qualcomm | 226 Apq8009, Apq8009 Firmware, Apq8009w and 223 more | 2023-04-19 | 6.6 MEDIUM | 7.1 HIGH |
| APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2021-30333 | 1 Qualcomm | 258 Apq8009w, Apq8009w Firmware, Apq8017 and 255 more | 2023-04-19 | 4.6 MEDIUM | 7.8 HIGH |
| Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35077 | 1 Qualcomm | 142 Ar8035, Ar8035 Firmware, Qca6174a and 139 more | 2023-04-19 | 7.2 HIGH | 7.8 HIGH |
| Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-30322 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Ar8035 and 193 more | 2023-04-19 | 7.2 HIGH | 7.8 HIGH |
| Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-22105 | 1 Qualcomm | 102 Apq8009, Apq8009 Firmware, Apq8017 and 99 more | 2022-09-20 | N/A | 9.8 CRITICAL |
| Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2021-35097 | 1 Qualcomm | 258 Aqt1000, Aqt1000 Firmware, Ar8031 and 255 more | 2022-09-08 | N/A | 6.8 MEDIUM |
| Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35113 | 1 Qualcomm | 96 Aqt1000, Aqt1000 Firmware, Csrb31024 and 93 more | 2022-09-08 | N/A | 6.8 MEDIUM |
| Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2021-35135 | 1 Qualcomm | 336 Apq8017, Apq8017 Firmware, Apq8037 and 333 more | 2022-09-08 | N/A | 5.5 MEDIUM |
| A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30259 | 1 Qualcomm | 316 Aqt1000, Aqt1000 Firmware, Ar8031 and 313 more | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30284 | 1 Qualcomm | 292 Apq8009, Apq8009 Firmware, Apq8009w and 289 more | 2022-07-12 | 6.4 MEDIUM | 9.1 CRITICAL |
| Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1904 | 1 Qualcomm | 350 Apq8009, Apq8009 Firmware, Apq8009w and 347 more | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1930 | 1 Qualcomm | 194 Aqt1000, Aqt1000 Firmware, Csrb31024 and 191 more | 2022-06-28 | 3.6 LOW | 7.1 HIGH |
| Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-1892 | 1 Qualcomm | 108 Aqt1000, Aqt1000 Firmware, Pm8005 and 105 more | 2022-06-28 | 7.2 HIGH | 7.8 HIGH |
| Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1890 | 1 Qualcomm | 316 Apq8017, Apq8017 Firmware, Apq8037 and 313 more | 2022-06-28 | 7.2 HIGH | 7.8 HIGH |
| Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30281 | 1 Qualcomm | 294 Aqt1000, Aqt1000 Firmware, Ar8031 and 291 more | 2022-06-27 | 7.2 HIGH | 7.8 HIGH |
| Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-35098 | 1 Qualcomm | 172 Apq8053, Apq8053 Firmware, Apq8096au and 169 more | 2022-06-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30342 | 1 Qualcomm | 190 Apq8009w, Apq8009w Firmware, Apq8017 and 187 more | 2022-06-23 | 7.1 HIGH | 5.9 MEDIUM |
| Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35072 | 1 Qualcomm | 164 Apq8009, Apq8009 Firmware, Apq8009w and 161 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35130 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Qam8295p and 111 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2022-25651 | 1 Qualcomm | 104 Apq8009, Apq8009 Firmware, Apq8017 and 101 more | 2022-06-22 | 10.0 HIGH | 9.8 CRITICAL |
| Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||