Total
406 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-35116 | 1 Qualcomm | 226 Apq8009, Apq8009 Firmware, Apq8009w and 223 more | 2023-04-19 | 6.6 MEDIUM | 7.1 HIGH |
| APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2021-30333 | 1 Qualcomm | 258 Apq8009w, Apq8009w Firmware, Apq8017 and 255 more | 2023-04-19 | 4.6 MEDIUM | 7.8 HIGH |
| Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30343 | 1 Qualcomm | 128 Ar8035, Ar8035 Firmware, Qca6390 and 125 more | 2023-04-19 | 7.1 HIGH | 5.9 MEDIUM |
| Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-25706 | 1 Qualcomm | 257 Apq8009w, Apq8009w Firmware, Apq8017 and 254 more | 2023-04-19 | N/A | 7.5 HIGH |
| Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2021-35086 | 1 Qualcomm | 110 Ar8035, Ar8035 Firmware, Qca6390 and 107 more | 2023-04-19 | 7.8 HIGH | 7.5 HIGH |
| Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35077 | 1 Qualcomm | 142 Ar8035, Ar8035 Firmware, Qca6174a and 139 more | 2023-04-19 | 7.2 HIGH | 7.8 HIGH |
| Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-30322 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Ar8035 and 193 more | 2023-04-19 | 7.2 HIGH | 7.8 HIGH |
| Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35097 | 1 Qualcomm | 258 Aqt1000, Aqt1000 Firmware, Ar8031 and 255 more | 2022-09-08 | N/A | 6.8 MEDIUM |
| Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35122 | 1 Qualcomm | 202 Aqt1000, Aqt1000 Firmware, Ar8035 and 199 more | 2022-09-08 | N/A | 7.8 HIGH |
| Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2021-35135 | 1 Qualcomm | 336 Apq8017, Apq8017 Firmware, Apq8037 and 333 more | 2022-09-08 | N/A | 5.5 MEDIUM |
| A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30259 | 1 Qualcomm | 316 Aqt1000, Aqt1000 Firmware, Ar8031 and 313 more | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30284 | 1 Qualcomm | 292 Apq8009, Apq8009 Firmware, Apq8009w and 289 more | 2022-07-12 | 6.4 MEDIUM | 9.1 CRITICAL |
| Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1904 | 1 Qualcomm | 350 Apq8009, Apq8009 Firmware, Apq8009w and 347 more | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30281 | 1 Qualcomm | 294 Aqt1000, Aqt1000 Firmware, Ar8031 and 291 more | 2022-06-27 | 7.2 HIGH | 7.8 HIGH |
| Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-35130 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Qam8295p and 111 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2021-35090 | 1 Qualcomm | 112 Aqt1000, Aqt1000 Firmware, Qca6390 and 109 more | 2022-06-22 | 6.9 MEDIUM | 7.8 HIGH |
| Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-22068 | 1 Qualcomm | 232 Apq8053, Apq8053 Firmware, Aqt1000 and 229 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35117 | 1 Qualcomm | 204 Apq8096au, Apq8096au Firmware, Aqt1000 and 201 more | 2022-04-09 | 9.4 HIGH | 9.1 CRITICAL |
| An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2021-30317 | 1 Qualcomm | 228 Aqt1000, Aqt1000 Firmware, Ar8031 and 225 more | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
| Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30269 | 1 Qualcomm | 234 Ar8031, Ar8031 Firmware, Ar8035 and 231 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||