3787 matches found
Information disclosure
Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
Information disclosure
Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...
Null pointer dereference
Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT...
Buffer overflow
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired...
Authentication flaw
Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
Authentication flaw
Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...
CVE-2021-1972
CVE-2021-1972 is a Qualcomm WLAN host vulnerability described as a buffer overflow caused by improper validation of device types during P2P search in Snapdragon platforms (Auto/Compute/Connectivity/…/Wired Networking). Affected products are Qualcomm/Snapdragon WLAN components; CVSS v3.1 base scor...
CVE-2021-1930
CVE-2021-1930 describes a buffer-length validation bug in Qualcomm Snapdragon components (Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, and Mobile) that can cause an out-of-bounds read. The root cause is incorrect validation of the incoming buffer length, leading to potent...
CVE-2021-1929
The provided documents confirm CVE-2021-1929 affects Qualcomm Snapdragon components due to a lack of strict validation of bootmode, enabling potential information disclosure. The NVD entry lists impact as information disclosure with a LOCAL attack vector and LOW to MEDIUM severity depending on th...
CVE-2021-1923
Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT...
CVE-2021-1923
CVE-2021-1923 involves a Qualcomm/ Snapdragon trusted-application (TA) vulnerability where an incorrect pointer argument passed to a TA could cause unintended memory operations. Connected sources confirm the root cause as a mis-passed pointer to a TA, with affected Qualcomm/Snapdragon components ...
CVE-2021-1919
CVE-2021-1919 describes an integer underflow in Qualcomm Snapdragon video/RTCP handling where the RTCP length is smaller than the actual number of blocks, affecting Snapdragon Auto, Compute, Connectivity, Ciot, Industrial IoT, IoT, Voice & Music, Wearables and related Snapdragon lines. The vulner...
CVE-2021-1914
Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2021-1914
CVE-2021-1914 affects Qualcomm Snapdragon families (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Voice & Music, Wearables). Root cause: mishandling of unsupported input can cause a loop with an unreachable exit condition. Impact: described as a high-severity issue with potentia...
CVE-2020-11264
Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
FusionCompute 信息泄露漏洞
Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. FusionCompute suffers from an information disclosure vulnerability that originates from improper storage of specific information ...
vulkan bug fix and enhancement update
The vulkan packages contain the reference ICD loader and validation layers for Vulkan, a graphics and compute API for cross-platform access to modern GPUs. Bug Fixes and Enhancements: Rebase vulkan-loader in 8.5 BZ1952989 Rebase vulkan-headers in 8.5 BZ1952990 Rebase spirv-headers in 8.5 BZ195299...
PT-2021-7409 · Qualcomm · Qualcomm Snapdragon Wearables +7
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto versions affected versions not specified Qualcomm Snapdragon Compute versions affected versions not specified Qualcomm Snapdragon Connectivity versions affected versions not specified Qualcomm Snapdragon Consumer IOT...
CVE-2021-3043
A reflected cross-site scripting XSS vulnerability exists in the Prisma Cloud Compute web console that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console while an authenticated administrator is using that web interface. Prisma Cloud Compute SaaS versio...
CVE-2021-3043
A reflected cross-site scripting XSS vulnerability exists in the Prisma Cloud Compute web console that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console while an authenticated administrator is using that web interface. Prisma Cloud Compute SaaS versio...