Vendor CVEs
Qualcomm
All CVEs
2,042 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-21782 | 0.00 | — | 0.00 | Jul 6, 2022 | In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704508. | |||
| CVE-2022-21779 | 0.00 | — | 0.00 | Jul 6, 2022 | In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704393. | |||
| CVE-2022-31887 | 0.00 | — | 0.01 | Jun 28, 2022 | Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker to change any user's password in the organization, this means that the user can also escalate achieve Privilege Escalation by changing the administrator password. | |||
| CVE-2022-31884 | 0.00 | — | 0.01 | Jun 28, 2022 | Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low privilege user to delete other users API Keys including high privilege and the Administrator users API Keys. | |||
| CVE-2022-31883 | 0.00 | — | 0.01 | Jun 28, 2022 | Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys. | |||
| CVE-2021-35129 | 0.00 | — | 0.00 | Jun 14, 2022 | Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure… | |||
| CVE-2021-35126 | 0.00 | — | 0.00 | Jun 14, 2022 | Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-35123 | 0.00 | — | 0.00 | Jun 14, 2022 | Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT | |||
| CVE-2021-35112 | 0.00 | — | 0.00 | Jun 14, 2022 | A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon… | |||
| CVE-2021-35100 | 0.00 | — | 0.01 | Jun 14, 2022 | Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2021-35095 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile | |||
| CVE-2021-35091 | 0.00 | — | 0.00 | Jun 14, 2022 | Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile | |||
| CVE-2021-35081 | 0.00 | — | 0.01 | Jun 14, 2022 | Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon… | |||
| CVE-2021-35071 | 0.00 | — | 0.00 | Jun 14, 2022 | Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables,… | |||
| CVE-2021-35070 | 0.00 | — | 0.00 | Jun 14, 2022 | RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-30350 | 0.00 | — | 0.00 | Jun 14, 2022 | Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||
| CVE-2021-30349 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables,… | |||
| CVE-2021-30347 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-30346 | 0.00 | — | 0.00 | Jun 14, 2022 | RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||
| CVE-2021-30345 | 0.00 | — | 0.00 | Jun 14, 2022 | RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||
| CVE-2021-30344 | 0.00 | — | 0.01 | Jun 14, 2022 | Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2021-30343 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-30342 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2021-30341 | 0.00 | — | 0.01 | Jun 14, 2022 | Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||
| CVE-2021-30340 | 0.00 | — | 0.01 | Jun 14, 2022 | Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-30338 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Compute | |||
| CVE-2021-30327 | 0.00 | — | 0.00 | Jun 14, 2022 | Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music | |||
| CVE-2021-30281 | 0.00 | — | 0.00 | Jun 14, 2022 | Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice &… | |||
| CVE-2022-22072 | 0.00 | — | 0.00 | Jun 14, 2022 | Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||
| CVE-2022-22068 | 0.00 | — | 0.00 | Jun 14, 2022 | kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,… | |||
| CVE-2022-22065 | 0.00 | — | 0.01 | Jun 14, 2022 | Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &… | |||
| CVE-2021-35116 | 0.00 | — | 0.00 | Jun 14, 2022 | APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||
| CVE-2021-35098 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2021-35096 | 0.00 | — | 0.01 | Jun 14, 2022 | Improper memory allocation during counter check DLM handling can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-35094 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-35092 | 0.00 | — | 0.00 | Jun 14, 2022 | Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &… | |||
| CVE-2021-35090 | 0.00 | — | 0.00 | Jun 14, 2022 | Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-35086 | 0.00 | — | 0.01 | Jun 14, 2022 | Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-35084 | 0.00 | — | 0.00 | Jun 14, 2022 | Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon… | |||
| CVE-2021-35082 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC security mode command packet has been received in Snapdragon Industrial IOT | |||
| CVE-2021-35080 | 0.00 | — | 0.00 | Jun 14, 2022 | Disabled SMMU from secure side while RPM is assigned a secure stream can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||
| CVE-2021-35079 | 0.00 | — | 0.00 | Jun 14, 2022 | Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-35076 | 0.00 | — | 0.01 | Jun 14, 2022 | Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2021-35073 | 0.00 | — | 0.01 | Jun 14, 2022 | Possible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2022-22103 | 0.00 | — | 0.00 | Jun 14, 2022 | Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto | |||
| CVE-2022-22090 | 0.00 | — | 0.00 | Jun 14, 2022 | Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | |||
| CVE-2022-22087 | 0.00 | — | 0.01 | Jun 14, 2022 | memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2022-22086 | 0.00 | — | 0.01 | Jun 14, 2022 | Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2022-22085 | 0.00 | — | 0.00 | Jun 14, 2022 | Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2022-22084 | 0.00 | — | 0.00 | Jun 14, 2022 | Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
- CVE-2022-21782Jul 6, 2022risk 0.00cvss —epss 0.00
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704508.
- CVE-2022-21779Jul 6, 2022risk 0.00cvss —epss 0.00
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704393.
- CVE-2022-31887Jun 28, 2022risk 0.00cvss —epss 0.01
Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker to change any user's password in the organization, this means that the user can also escalate achieve Privilege Escalation by changing the administrator password.
- CVE-2022-31884Jun 28, 2022risk 0.00cvss —epss 0.01
Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low privilege user to delete other users API Keys including high privilege and the Administrator users API Keys.
- CVE-2022-31883Jun 28, 2022risk 0.00cvss —epss 0.01
Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys.
- CVE-2021-35129Jun 14, 2022risk 0.00cvss —epss 0.00
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure…
- CVE-2021-35126Jun 14, 2022risk 0.00cvss —epss 0.00
Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-35123Jun 14, 2022risk 0.00cvss —epss 0.00
Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT
- CVE-2021-35112Jun 14, 2022risk 0.00cvss —epss 0.00
A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon…
- CVE-2021-35100Jun 14, 2022risk 0.00cvss —epss 0.01
Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2021-35095Jun 14, 2022risk 0.00cvss —epss 0.00
Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile
- CVE-2021-35091Jun 14, 2022risk 0.00cvss —epss 0.00
Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile
- CVE-2021-35081Jun 14, 2022risk 0.00cvss —epss 0.01
Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon…
- CVE-2021-35071Jun 14, 2022risk 0.00cvss —epss 0.00
Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables,…
- CVE-2021-35070Jun 14, 2022risk 0.00cvss —epss 0.00
RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-30350Jun 14, 2022risk 0.00cvss —epss 0.00
Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
- CVE-2021-30349Jun 14, 2022risk 0.00cvss —epss 0.00
Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables,…
- CVE-2021-30347Jun 14, 2022risk 0.00cvss —epss 0.00
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-30346Jun 14, 2022risk 0.00cvss —epss 0.00
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
- CVE-2021-30345Jun 14, 2022risk 0.00cvss —epss 0.00
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
- CVE-2021-30344Jun 14, 2022risk 0.00cvss —epss 0.01
Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2021-30343Jun 14, 2022risk 0.00cvss —epss 0.00
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-30342Jun 14, 2022risk 0.00cvss —epss 0.00
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2021-30341Jun 14, 2022risk 0.00cvss —epss 0.01
Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
- CVE-2021-30340Jun 14, 2022risk 0.00cvss —epss 0.01
Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-30338Jun 14, 2022risk 0.00cvss —epss 0.00
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Compute
- CVE-2021-30327Jun 14, 2022risk 0.00cvss —epss 0.00
Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music
- CVE-2021-30281Jun 14, 2022risk 0.00cvss —epss 0.00
Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice &…
- CVE-2022-22072Jun 14, 2022risk 0.00cvss —epss 0.00
Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
- CVE-2022-22068Jun 14, 2022risk 0.00cvss —epss 0.00
kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,…
- CVE-2022-22065Jun 14, 2022risk 0.00cvss —epss 0.01
Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…
- CVE-2021-35116Jun 14, 2022risk 0.00cvss —epss 0.00
APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
- CVE-2021-35098Jun 14, 2022risk 0.00cvss —epss 0.00
Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2021-35096Jun 14, 2022risk 0.00cvss —epss 0.01
Improper memory allocation during counter check DLM handling can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-35094Jun 14, 2022risk 0.00cvss —epss 0.00
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-35092Jun 14, 2022risk 0.00cvss —epss 0.00
Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…
- CVE-2021-35090Jun 14, 2022risk 0.00cvss —epss 0.00
Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-35086Jun 14, 2022risk 0.00cvss —epss 0.01
Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-35084Jun 14, 2022risk 0.00cvss —epss 0.00
Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon…
- CVE-2021-35082Jun 14, 2022risk 0.00cvss —epss 0.00
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC security mode command packet has been received in Snapdragon Industrial IOT
- CVE-2021-35080Jun 14, 2022risk 0.00cvss —epss 0.00
Disabled SMMU from secure side while RPM is assigned a secure stream can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
- CVE-2021-35079Jun 14, 2022risk 0.00cvss —epss 0.00
Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-35076Jun 14, 2022risk 0.00cvss —epss 0.01
Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2021-35073Jun 14, 2022risk 0.00cvss —epss 0.01
Possible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2022-22103Jun 14, 2022risk 0.00cvss —epss 0.00
Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto
- CVE-2022-22090Jun 14, 2022risk 0.00cvss —epss 0.00
Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
- CVE-2022-22087Jun 14, 2022risk 0.00cvss —epss 0.01
memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2022-22086Jun 14, 2022risk 0.00cvss —epss 0.01
Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2022-22085Jun 14, 2022risk 0.00cvss —epss 0.00
Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2022-22084Jun 14, 2022risk 0.00cvss —epss 0.00
Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Page 22 of 41