3787 matches found
Design/Logic Flaw
Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...
Memory corruption
Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-30321
Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity...
CVE-2021-30321
CVE-2021-30321 is a buffer overflow in MBSSID scan IE parse in Qualcomm Snapdragon components (Compute, Connectivity, CEC) caused by missing parameter length checks. The issue, with CVSSv3.1: 9.8 (CRITICAL), can affect confidentiality, integrity, and availability via network access. Exploitation ...
CVE-2021-30284
CVE-2021-30284 affects Qualcomm closed‑source components on Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Compute/Connectivity and related IoT/mobile families). The issue arises when the NAS does not drop messages after a failed integrity check, leading to possible information exposure and...
CVE-2021-30284
Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2021-30266
Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...
CVE-2021-30266
CVE-2021-30266 describes a use-after-free due to improper memory validation when initializing a new interface via the Interface add command in Qualcomm Snapdragon devices (multiple product families). Affected component is memory handling during interface initialization; impact is rated high for c...
CVE-2021-30265
CVE-2021-30265 involves memory corruption from improper validation of a memory address during user-space IOCTL handling to clear Filter and Route statistics on Qualcomm/Snapdragon platforms (Auto/Compute/Connectivity/Consumer IoT/Industrial IoT/Mobile/Voice & Music/Wearables). The issue affects S...
CVE-2021-30265
Possible memory corruption due to improper validation of memory address while processing user-space IOCTL for clearing Filter and Route statistics in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi...
CVE-2021-30263
CVE-2021-30263 is a Qualcomm/ Snapdragon-focused race-condition vulnerability caused by a lack of synchronization when the On-Device Logging node is opened twice concurrently. Public details specify affected families and devices, including Snapdragon Compute/Industrial IOT/Mobile/Voice & Music li...
CVE-2021-30263
Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2021-30259
CVE-2021-30259 affects Qualcomm Snapdragon platforms (Auto/Compute/Connectivity, Consumer IoT, Industrial IoT, Mobile, Wearables, etc.) with a likely closed-source component vulnerability caused by improper validation of function table entries, leading to possible out-of-bounds access. The issue ...
CVE-2021-30259
Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure...
CVE-2021-30254
Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2021-1982
Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-1982
CVE-2021-1982 concerns Qualcomm Snapdragon family devices (Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile) where improper input validation of NAS OTA messages can cause a denial of service. The NVD entry shows CVSS v3.1 base score 7.5 (NETWORK, LOW attack complexity,...
CVE-2021-1981
Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-1981
CVE-2021-1981 involves a buffer over-read caused by an improper Bearer capability IE size check in MT setup requests from the network. It affects Qualcomm/Qualcomm closed‑source components used in Snapdragon platforms, including Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT...
CVE-2021-1979
CVE-2021-1979 describes a buffer overflow in Qualcomm Snapdragon components caused by improper validation of FTM command payloads. The affected products span Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, and Mobile lines, with exploitation potentially leading to memory cor...