3787 matches found
Design/Logic Flaw
Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
Input validation
Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
Design/Logic Flaw
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,...
Design/Logic Flaw
Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...
Design/Logic Flaw
Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...
Design/Logic Flaw
Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-1925
Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...
CVE-2021-1915
CVE-2021-1915 is a documented buffer overflow vulnerability arising from improper validation of the NDP application information length in Qualcomm Snapdragon platforms (Auto/Compute/Connectivity/CE/IoT/Industrial IoT/Mobile/Voice & Music/WIN). The initial entry states a buffer overflow risk witho...
CVE-2021-1925
CVE-2021-1925 is a DoS vulnerability tied to Qualcomm Snapdragon closed‑source components. The root cause, per the available documents, is improper handling of the Group Management Operations Framework in various Snapdragon lines (Auto, Compute, Connectivity, CE Connectivity, IoT, Industrial IoT,...
CVE-2021-1910
CVE-2021-1910 is reported as a double-free in Qualcomm’s video stack caused by missing input-buffer length checks. Public sources tie it to Qualcomm closed‑source components (Snapdragon family) and reference a May‑2021 Qualcomm bulletin for fixes. Exploitation details are not provided in the supp...
CVE-2021-1906
Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2021-1905
CVE-2021-1905 is a memory-management vulnerability (use-after-free) in Qualcomm Snapdragon chipsets caused by improper handling of memory mapping across multiple processes. Affects a broad range of Snapdragon products (Auto, Compute, Connectivity, IoT, Mobile, Wearables, etc.). The CVE is charact...
CVE-2021-1906
CVE-2021-1906 affects Qualcomm Snapdragon GPU address management across Snapdragon Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile/Wearables. Root cause: improper handling of address deregistration on failure can lead to a new GPU address allocation failure. CVSS reflects Medium seve...
CVE-2020-11295
CVE-2020-11295 affects Qualcomm camera drivers on Snapdragon platforms. The issue is a use-after-free caused by the thread manager being released while a worker thread processes objects, leading to potential memory access hazards within the Qualcomm Camera Driver (covering numerous devices/models...
CVE-2020-11294
CVE-2020-11294 is a Qualcomm Snapdragon vulnerability affecting the logger component across Snapdragon Auto, Compute, Connectivity, IOT, Industrial IOT, Mobile, and Wearables. The root cause is an out-of-bounds write caused by a prefix size not being validated when prepended to the logging string...
CVE-2020-11294
Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...
CVE-2020-11293
CVE-2020-11293 details an out-of-bounds read in Widevine Trust Authority (TA) when copying data from user input to a buffer, caused by a missing/incorrect buffer-length check. Affected hardware/software span Snapdragon ranges (Auto/Compute/Connectivity/IoT/etc.) and Widevine components in Qualcom...
CVE-2020-11288
Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2020-11288
The CVE-2020-11288 entry concerns an out-of-bounds write in PlayReady processing commands caused by insufficient input validation on Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Compute/Connectivity, Snapdragon Mobile and related IoT/Voice products). Public records in multiple feeds (RH, ...
CVE-2020-11284
CVE-2020-11284 describes a memory-protection issue in Qualcomm Snapdragon SoCs where a non-secure bootloader can unlock and modify previously locked memory through an improper system call sequence, making a memory region an untrusted input source for the secure boot loader. Affected platforms inc...