CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2022/09/02 11:31 a.m.•233 views

CVE-2022-22080

The CVE-2022-22080 entry concerns Qualcomm Snapdragon firmware: improper validation of a backend id in the PCM routing process can cause memory corruption across Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, and Voice & Music components. Root cause is memory-corrup...

CVE•added 2022/09/02 11:31 a.m.•71 views

CVE-2022-22070

CVE-2022-22070 : Memory corruption in audio due to an unchecked/invalid routing address in the APR Routing table in Qualcomm Snapdragon family products (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables). The issue is described across multiple sources (NV...

7.8CVSS7.8AI score0.00119EPSS

CVE•added 2022/09/02 11:31 a.m.•71 views

CVE-2022-22069

CVE-2022-22069 affects Qualcomm Snapdragon devices when keyprotect is disabled. The issue: unencrypted keybox stored in RPMB, enabling a cryptographic issue across Snapdragon Auto, Compute, Connectivity, Industrial IOT, Mobile, and Wearables. Root cause: keyprotect-off condition allows RPMB keybo...

7.8CVSS7.7AI score0.00092EPSS

CVE•added 2022/09/02 11:31 a.m.•81 views

CVE-2022-22067

CVE-2022-22067 affects Qualcomm Snapdragon modems (Auto/Compute/Connectivity/Mobile). The issue is a memory leak during NSA RRC Reconfiguration with an invalid Radio Bearer Config, rooted in the modem component. Documented impact includes high confidentiality, integrity, and availability concerns...

7.8CVSS7.6AI score0.00257EPSS

CVE•added 2022/09/02 11:31 a.m.•66 views

CVE-2022-22062

CVE-2022-22062 describes an out-of-bounds read during server certificate parsing caused by an improper length check in Qualcomm Snapdragon components (Snapdragon Auto, Compute, Connectivity, and other Snapdragon family products). The issue affects Snapdragon lines including Snapdragon Auto, Compu...

9.1CVSS8.9AI score0.00284EPSS

CVE•added 2022/09/02 11:31 a.m.•75 views

CVE-2022-22061

CVE-2022-22061 is a Qualcomm/Snapdragon vulnerability described as an out-of-bounds write during device ID verification caused by an improper length check before copying data. Affected components are Snapdragon Compute, Snapdragon Connectivity, and Snapdragon Mobile. The CVSS vector indicates Loc...

7.8CVSS7.6AI score0.00119EPSS

Cvelist•added 2022/09/02 11:31 a.m.•17 views

CVE-2022-22061

Out of bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

7.8CVSS7.9AI score0.00119EPSS

CVE•added 2022/09/02 11:31 a.m.•100 views

CVE-2022-22059

CVE-2022-22059 describes a memory corruption due to an out-of-bounds read when parsing a video file in Qualcomm Snapdragon components. Affected products include Snapdragon Auto, Compute, Connectivity, Industrial IOT, and Mobile. The issue is documented with a CVSS base score of 7.8 (Initial), and...

CVE•added 2022/09/02 11:31 a.m.•69 views

CVE-2021-35135

CVE-2021-35135 describes a null pointer dereference that may occur during RSA key import in Qualcomm Snapdragon platforms (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables). The CVE is tied to Qualcomm closed-source components; vulnerability impact is li...

6.2CVSS5.7AI score0.00107EPSS

Cvelist•added 2022/09/02 11:31 a.m.•17 views

CVE-2021-35132

Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

8.4CVSS8.7AI score0.00119EPSS

CVE•added 2022/09/02 11:31 a.m.•67 views

CVE-2021-35132

CVE-2021-35132 describes an out-of-bounds write in Qualcomm Snapdragon DSP service (closed-source components) caused by an improper bound check on the response buffer. Affected are multiple Snapdragon line items (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Wearables). The i...

CVE•added 2022/09/02 11:30 a.m.•67 views

CVE-2021-35122

CVE-2021-35122 affects Qualcomm Snapdragon family devices (Auto/Compute/Connectivity/CIoT/Industrial IoT/Mobile/Wearables). The flaw stems from improper input validation, allowing a non-secure region to modify RG permissions of IO space xPUs, enabling local privilege escalation with high impact o...

9.3CVSS7.6AI score0.00119EPSS

CVE•added 2022/09/02 11:30 a.m.•65 views

CVE-2021-35113

CVE-2021-35113: Qualcomm Snapdragon family (Auto, Compute, Consumer IoT, Industrial IoT, Mobile, Wearables) may suffer an authentication bypass due to improper ordering of signature verification and hashing in the signature verification path. Root cause stated as incorrect order of operations in ...

7.3CVSS6.9AI score0.00139EPSS

CVE•added 2022/09/02 11:30 a.m.•58 views

CVE-2021-35097

CVE-2021-35097 concerns an authentication bypass caused by the improper order of signature verification and hashing in Qualcomm Snapdragon’s signature verification path. Affected components span Snapdragon Auto, Compute, Connectivity, COTS IoT, Industrial IoT, Mobile, Voice & Music, and Wearables...

7.3CVSS6.9AI score0.00173EPSS

Cvelist•added 2022/09/02 11:30 a.m.•19 views

CVE-2021-35097

Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...

7.3CVSS7.7AI score0.00173EPSS

Positive Technologies•added 2022/09/02 12:0 a.m.•5 views

PT-2022-15210 · Qualcomm · Snapdragon Connectivity +4

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Compute affected versions not specified Snapdragon Connectivity affected versions not specified Snapdragon Industrial IOT affected versions not specified Snapdragon Mobile affected...