VYPR

Snapdragon

by Qualcomm

CVEs (937)

  • CVE-2020-11230MedMar 17, 2021
    risk 0.42cvss 6.4epss 0.00

    Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physical address to user land in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2020-11220MedMar 17, 2021
    risk 0.42cvss 6.4epss 0.00

    While processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a specific time while executing the storage SCM call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT,…

  • CVE-2020-11152MedJan 21, 2021
    risk 0.42cvss 6.4epss 0.00

    Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,…

  • CVE-2020-11151MedJan 21, 2021
    risk 0.42cvss 6.4epss 0.00

    Race condition occurs while calling user space ioctl from two different threads can results to use after free issue in video in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

  • CVE-2019-10504MedNov 6, 2019
    risk 0.42cvss 6.5epss 0.01

    Firmware not able to send EXT scan response to host within 1 sec due to resource consumption issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, Qualcomm 215, SD…

  • CVE-2017-18283MedOct 23, 2018
    risk 0.42cvss 6.5epss 0.01

    Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660.

  • CVE-2018-5871MedSep 20, 2018
    risk 0.42cvss 6.5epss 0.00

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630,…

  • CVE-2022-25664MedOct 19, 2022
    risk 0.40cvss 6.2epss 0.00

    Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

  • CVE-2021-35135MedSep 2, 2022
    risk 0.40cvss 6.2epss 0.00

    A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-1969MedOct 20, 2021
    risk 0.40cvss 6.2epss 0.00

    Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…

  • CVE-2021-1968MedOct 20, 2021
    risk 0.40cvss 6.2epss 0.00

    Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…

  • CVE-2021-1929MedSep 8, 2021
    risk 0.40cvss 6.2epss 0.00

    Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

  • CVE-2021-1904MedSep 8, 2021
    risk 0.40cvss 6.2epss 0.01

    Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…

  • CVE-2020-11254MedMay 7, 2021
    risk 0.40cvss 6.2epss 0.00

    Memory corruption during buffer allocation due to dereferencing session ctx pointer without checking if pointer is valid in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

  • CVE-2020-3664MedFeb 22, 2021
    risk 0.39cvss 6.0epss 0.00

    Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon…

  • CVE-2020-11294MedMay 7, 2021
    risk 0.38cvss 5.9epss 0.00

    Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

  • CVE-2019-10482MedDec 18, 2019
    risk 0.38cvss 5.9epss 0.01

    Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2021-35119MedJun 14, 2022
    risk 0.36cvss 5.5epss 0.00

    Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-35085MedJun 14, 2022
    risk 0.36cvss 5.5epss 0.00

    Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-35084MedJun 14, 2022
    risk 0.36cvss 5.5epss 0.00

    Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon…

Page 43 of 47