Lucene search

Ar6003 Firmware Security Vulnerabilities

cve

CVE-2020-11166

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...

9.1CVSS

9AI Score

0.002EPSS

2021-03-17 06:15 AM

cve

CVE-2020-11170

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...

9.8CVSS

9.2AI Score

0.002EPSS

2021-02-22 07:15 AM

cve

CVE-2020-11171

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

9.1CVSS

9.1AI Score

0.002EPSS

2021-03-17 06:15 AM

cve

CVE-2020-11177

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

8.8CVSS

8.7AI Score

0.0004EPSS

2021-02-22 07:15 AM

cve

CVE-2020-11191

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon ...

9.1CVSS

8.9AI Score

0.002EPSS

2021-04-07 08:15 AM

cve

CVE-2020-11251

Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdr...

9.1CVSS

9.1AI Score

0.002EPSS

2021-04-07 08:15 AM

cve

CVE-2020-11279

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...

9.8CVSS

9.4AI Score

0.002EPSS

2021-05-07 09:15 AM

cve

CVE-2020-11292

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara...

7.8CVSS

7.9AI Score

0.0004EPSS

2021-06-09 07:15 AM

cve

CVE-2021-1916

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS

9.4AI Score

0.002EPSS

2021-09-08 12:15 PM

cve

CVE-2021-1920

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS

9.3AI Score

0.002EPSS

2021-09-08 12:15 PM

cve

CVE-2021-1955

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Sn...

7.5CVSS

7.5AI Score

0.001EPSS

2021-07-13 06:15 AM

cve

CVE-2021-1972

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructu...

9.8CVSS

9.6AI Score

0.002EPSS

2021-09-08 12:15 PM

cve

CVE-2021-1973

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS

7.8AI Score

0.0004EPSS

2021-11-12 07:15 AM

cve

CVE-2021-1975

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS

9.6AI Score

0.002EPSS

2021-11-12 07:15 AM

cve

CVE-2021-30261

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS

7.9AI Score

0.0004EPSS

2021-09-17 07:15 AM

cve

CVE-2021-30268

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS

7.8AI Score

0.0004EPSS

2022-01-03 08:15 AM

cve

CVE-2021-30270

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdrago...

7.8CVSS

7.7AI Score

0.0004EPSS

2022-01-03 08:15 AM

cve

CVE-2021-30273

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

7.5CVSS

7.6AI Score

0.001EPSS

2022-01-03 08:15 AM

cve

CVE-2021-30284

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...

9.1CVSS

8.8AI Score

0.002EPSS

2021-11-12 07:15 AM

cve

CVE-2021-30293

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

7.5CVSS

7.6AI Score

0.001EPSS

2022-01-03 08:15 AM

cve

CVE-2021-30344

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.5CVSS

7.6AI Score

0.001EPSS

2022-06-14 10:15 AM

cve

CVE-2021-35115

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

8.4CVSS

7.8AI Score

0.0004EPSS

2022-04-01 05:15 AM

cve

CVE-2022-25682

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS

7.9AI Score

0.0004EPSS

2022-12-13 04:15 PM

cve

CVE-2022-25694

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

8.4CVSS

7.7AI Score

0.0004EPSS

2023-03-10 09:15 PM

cve

CVE-2022-25720

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...

9.8CVSS

9.4AI Score

0.002EPSS

2022-10-19 11:15 AM

cve

CVE-2022-33213

Memory corruption in modem due to buffer overflow while processing a PPP packet

8.8CVSS

9.3AI Score

0.001EPSS

2023-03-10 09:15 PM

cve

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

7.9CVSS

8AI Score

0.001EPSS

2023-06-06 08:15 AM

cve

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8CVSS

6.8AI Score

0.001EPSS

2023-04-13 07:15 AM

cve

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-04-13 07:15 AM

cve

CVE-2022-40521

Transient DOS due to improper authorization in Modem

7.5CVSS

7.5AI Score

0.001EPSS

2023-06-06 08:15 AM

cve

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

8.2CVSS

7.3AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

8.2CVSS

7.3AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-12-05 03:15 AM