3787 matches found
CVE-2021-1975
CVE-2021-1975 affects Qualcomm closed‑source components (e.g., data-modem) in Snapdragon family. Root cause: improper length check of the domain while parsing DNS responses, leading to a heap overflow. Documents indicate high/critical impact and potential remote implications in Qualcomm’s Stack; ...
CVE-2021-1973
CVE-2021-1973 concerns a vulnerability in Qualcomm Snapdragon modem software where a FTM Diag command could write arbitrarily to modem OS space. Connected sources indicate impact across multiple Snapdragon lines (Auto, Compute, Connectivity, Consumer/Industrial IoT, IoT, Mobile, Wearables, Voice ...
CVE-2021-1921
CVE-2021-1921 describes memory corruption due to improper handling of hypervisor unmap operations for concurrent memory operations in Qualcomm Snapdragon families (Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile). Connected sources confirm this vulnerability across Qualcomm closed‑so...
CVE-2021-1912
The CVE-2021-1912 issue concerns Qualcomm Snapdragon firmware across Snapdragon Auto, Compute, Connectivity, Industrial IOT and Mobile families. A root cause is an integer overflow caused by an improper length check when computing count and grace period. Affected components are within the Snapdra...
GHSA-GPFH-JVF9-7WG5 Use after free / memory leak in `CollectiveReduceV2`
Impact The async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free: python import tensorflow as tf tf.rawops.CollectiveReduceV2 input=, groupsize=-10, -10, -10, groupkey=-10, -10, instancekey=-10, orderingtoken=, mergeop='Mul', finalop='Div' This occurs due to t...
NewStart CGSL CORE 5.05 / MAIN 5.05 : libexif Multiple Vulnerabilities (NS-SA-2021-0158)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libexif packages installed that are affected by multiple vulnerabilities: - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media...
CVE-2021-30256
Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT...
CVE-2021-30258
Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...
CVE-2021-30291
Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...
CVE-2021-30312
Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon...
CVE-2021-30257
Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT...
CVE-2021-30292
Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...
CVE-2021-30288
Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...
CVE-2021-30297
Possible out of bound read due to improper validation of packet length while handling data transfer in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...
CVE-2021-1967
Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN Match event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...
CVE-2021-1949
Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2021-1913
Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
CVE-2021-1917
Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables...
CVE-2021-1936
Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...
Integer overflow
Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...