VYPR

Vendor CVEs

Qualcomm

All CVEs

2,042 total · sorted by risk
  • CVE-2022-22083Jun 14, 2022
    risk 0.00cvss epss 0.01

    Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2022-22082Jun 14, 2022
    risk 0.00cvss epss 0.00

    Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon…

  • CVE-2021-35121Jun 14, 2022
    risk 0.00cvss epss 0.00

    An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-35120Jun 14, 2022
    risk 0.00cvss epss 0.00

    Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-35119Jun 14, 2022
    risk 0.00cvss epss 0.00

    Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-35118Jun 14, 2022
    risk 0.00cvss epss 0.00

    An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-35114Jun 14, 2022
    risk 0.00cvss epss 0.00

    Improper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto

  • CVE-2021-35111Jun 14, 2022
    risk 0.00cvss epss 0.00

    Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile

  • CVE-2021-35102Jun 14, 2022
    risk 0.00cvss epss 0.00

    Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

  • CVE-2021-35101Jun 14, 2022
    risk 0.00cvss epss 0.00

    Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile

  • CVE-2021-35083Jun 14, 2022
    risk 0.00cvss epss 0.00

    Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2022-22057Jun 14, 2022
    risk 0.00cvss epss 0.00

    Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

  • CVE-2022-21756Jun 6, 2022
    risk 0.00cvss epss 0.00

    In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535950; Issue ID: ALPS06535950.

  • CVE-2022-21753Jun 6, 2022
    risk 0.00cvss epss 0.00

    In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493873; Issue ID: ALPS06493899.

  • CVE-2022-21750Jun 6, 2022
    risk 0.00cvss epss 0.00

    In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521283; Issue ID: ALPS06521283.

  • CVE-2021-35117Apr 1, 2022
    risk 0.00cvss epss 0.01

    An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

  • CVE-2021-35115Apr 1, 2022
    risk 0.00cvss epss 0.00

    Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

  • CVE-2021-35110Apr 1, 2022
    risk 0.00cvss epss 0.00

    Possible buffer overflow to improper validation of hash segment of file while allocating memory in Snapdragon Connectivity, Snapdragon Mobile

  • CVE-2021-35106Apr 1, 2022
    risk 0.00cvss epss 0.00

    Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-35105Apr 1, 2022
    risk 0.00cvss epss 0.00

    Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-35103Apr 1, 2022
    risk 0.00cvss epss 0.00

    Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired…

  • CVE-2021-35089Apr 1, 2022
    risk 0.00cvss epss 0.00

    Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto

  • CVE-2021-35088Apr 1, 2022
    risk 0.00cvss epss 0.01

    Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon…

  • CVE-2021-30333Apr 1, 2022
    risk 0.00cvss epss 0.00

    Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-30332Apr 1, 2022
    risk 0.00cvss epss 0.01

    Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-30331Apr 1, 2022
    risk 0.00cvss epss 0.00

    Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

  • CVE-2021-30329Apr 1, 2022
    risk 0.00cvss epss 0.01

    Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-30328Apr 1, 2022
    risk 0.00cvss epss 0.01

    Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-1950Apr 1, 2022
    risk 0.00cvss epss 0.00

    Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

  • CVE-2021-1942Apr 1, 2022
    risk 0.00cvss epss 0.00

    Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,…

  • CVE-2021-35077Feb 11, 2022
    risk 0.00cvss epss 0.00

    Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-35074Feb 11, 2022
    risk 0.00cvss epss 0.00

    Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-35069Feb 11, 2022
    risk 0.00cvss epss 0.00

    Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired…

  • CVE-2021-30326Feb 11, 2022
    risk 0.00cvss epss 0.01

    Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-30324Feb 11, 2022
    risk 0.00cvss epss 0.00

    Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,…

  • CVE-2021-30323Feb 11, 2022
    risk 0.00cvss epss 0.00

    Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-30322Feb 11, 2022
    risk 0.00cvss epss 0.00

    Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-30318Feb 11, 2022
    risk 0.00cvss epss 0.00

    Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-30309Feb 11, 2022
    risk 0.00cvss epss 0.00

    Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-30353Jan 13, 2022
    risk 0.00cvss epss 0.01

    Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-30330Jan 13, 2022
    risk 0.00cvss epss 0.01

    Possible null pointer dereference due to improper validation of APE clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2021-30319Jan 13, 2022
    risk 0.00cvss epss 0.00

    Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2021-30313Jan 13, 2022
    risk 0.00cvss epss 0.00

    Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,…

  • CVE-2021-30311Jan 13, 2022
    risk 0.00cvss epss 0.00

    Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-30308Jan 13, 2022
    risk 0.00cvss epss 0.00

    Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-30307Jan 13, 2022
    risk 0.00cvss epss 0.01

    Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

  • CVE-2021-30301Jan 13, 2022
    risk 0.00cvss epss 0.01

    Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-30300Jan 13, 2022
    risk 0.00cvss epss 0.01

    Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…

  • CVE-2021-30287Jan 13, 2022
    risk 0.00cvss epss 0.01

    Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2021-30285Jan 13, 2022
    risk 0.00cvss epss 0.00

    Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Page 23 of 41