Snapdragon
by Qualcomm
CVEs (512)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-30282 | Hig | 0.55 | 8.4 | 0.00 | Jan 3, 2022 | Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired… | ||
| CVE-2021-30262 | Hig | 0.55 | 8.4 | 0.00 | Jan 3, 2022 | Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &… | ||
| CVE-2021-1912 | Hig | 0.55 | 8.4 | 0.00 | Nov 12, 2021 | Possible integer overflow can occur due to improper length check while calculating count and grace period in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||
| CVE-2021-30258 | Hig | 0.55 | 8.4 | 0.00 | Oct 20, 2021 | Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | ||
| CVE-2021-30256 | Hig | 0.55 | 8.4 | 0.00 | Oct 20, 2021 | Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | ||
| CVE-2021-1984 | Hig | 0.55 | 8.4 | 0.00 | Oct 20, 2021 | Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | ||
| CVE-2021-1917 | Hig | 0.55 | 8.4 | 0.00 | Oct 20, 2021 | Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables | ||
| CVE-2021-30290 | Hig | 0.55 | 8.4 | 0.00 | Sep 9, 2021 | Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||
| CVE-2021-1934 | Hig | 0.55 | 8.4 | 0.00 | Sep 9, 2021 | Possible memory corruption due to improper check when application loader object is explicitly destructed while application is unloading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | ||
| CVE-2021-1940 | Hig | 0.55 | 8.4 | 0.00 | Jul 13, 2021 | Use after free can occur due to improper handling of response from firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||
| CVE-2021-1886 | Hig | 0.55 | 8.4 | 0.00 | Jul 13, 2021 | Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon… | ||
| CVE-2021-1900 | Hig | 0.55 | 8.4 | 0.00 | Jun 9, 2021 | Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||
| CVE-2020-11267 | Hig | 0.55 | 8.4 | 0.00 | Jun 9, 2021 | Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &… | ||
| CVE-2020-11284 | Hig | 0.55 | 8.4 | 0.00 | May 7, 2021 | Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon… | ||
| CVE-2022-33268 | Hig | 0.53 | 8.2 | 0.00 | Dec 13, 2022 | Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||
| CVE-2022-25706 | Hig | 0.53 | 8.2 | 0.00 | Sep 16, 2022 | Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | ||
| CVE-2021-30349 | Hig | 0.53 | 8.2 | 0.00 | Jun 14, 2022 | Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables,… | ||
| CVE-2021-35088 | Hig | 0.53 | 8.2 | 0.01 | Apr 1, 2022 | Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon… | ||
| CVE-2020-11247 | Hig | 0.53 | 8.2 | 0.01 | Apr 7, 2021 | Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||
| CVE-2019-10494 | Hig | 0.53 | 8.1 | 0.00 | Dec 12, 2019 | Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &… |
- risk 0.55cvss 8.4epss 0.00
Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired…
- risk 0.55cvss 8.4epss 0.00
Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…
- risk 0.55cvss 8.4epss 0.00
Possible integer overflow can occur due to improper length check while calculating count and grace period in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- risk 0.55cvss 8.4epss 0.00
Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
- risk 0.55cvss 8.4epss 0.00
Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
- risk 0.55cvss 8.4epss 0.00
Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
- risk 0.55cvss 8.4epss 0.00
Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables
- risk 0.55cvss 8.4epss 0.00
Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- risk 0.55cvss 8.4epss 0.00
Possible memory corruption due to improper check when application loader object is explicitly destructed while application is unloading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
- risk 0.55cvss 8.4epss 0.00
Use after free can occur due to improper handling of response from firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- risk 0.55cvss 8.4epss 0.00
Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon…
- risk 0.55cvss 8.4epss 0.00
Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- risk 0.55cvss 8.4epss 0.00
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…
- risk 0.55cvss 8.4epss 0.00
Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon…
- risk 0.53cvss 8.2epss 0.00
Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- risk 0.53cvss 8.2epss 0.00
Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
- risk 0.53cvss 8.2epss 0.00
Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables,…
- risk 0.53cvss 8.2epss 0.01
Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon…
- risk 0.53cvss 8.2epss 0.01
Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- risk 0.53cvss 8.1epss 0.00
Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…
Page 9 of 26