Lucene search

Qfe1952 Firmware Security Vulnerabilities

cve

CVE-2020-11235

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

7.8CVSS

7.9AI Score

0.0005EPSS

2021-06-09 05:15 AM

cve

CVE-2020-11256

Memory corruption due to lack of check of validation of pointer to buffer passed to trustzone in Snapdragon Wired Infrastructure and Networking

8.8CVSS

8.9AI Score

0.0004EPSS

2021-06-09 05:15 AM

cve

CVE-2020-11257

Memory corruption due to lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking

8.8CVSS

8.8AI Score

0.0004EPSS

2021-06-09 05:15 AM

cve

CVE-2020-11258

Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking

8.8CVSS

8.8AI Score

0.0004EPSS

2021-06-09 05:15 AM

cve

CVE-2020-11259

Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking

8.8CVSS

8.8AI Score

0.0004EPSS

2021-06-09 05:15 AM

cve

CVE-2020-11265

Information disclosure issue due to lack of validation of pointer arguments passed to TZ BSP in Snapdragon Wired Infrastructure and Networking

5.5CVSS

5.6AI Score

0.0004EPSS

2021-06-09 05:15 AM

cve

CVE-2020-11266

Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking

6.5CVSS

6.5AI Score

0.0004EPSS

2021-06-09 05:15 AM

cve

CVE-2020-11267

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

8.4CVSS

7.8AI Score

0.0004EPSS

2021-06-09 07:15 AM

cve

CVE-2020-11269

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdra...

8.8CVSS

8.8AI Score

0.001EPSS

2021-02-22 07:15 AM

cve

CVE-2020-11270

Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industria...

7.5CVSS

7.5AI Score

0.001EPSS

2021-02-22 07:15 AM

cve

CVE-2020-11296

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

7.5CVSS

7.7AI Score

0.001EPSS

2021-02-22 07:15 AM

cve

CVE-2020-11301

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

9.1CVSS

7.2AI Score

0.001EPSS

2021-09-08 12:15 PM

cve

CVE-2021-1909

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapd...

7.8CVSS

7.8AI Score

0.0004EPSS

2021-09-09 08:15 AM

cve

CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & M...

9CVSS

7.4AI Score

0.0004EPSS

2021-11-12 07:15 AM

cve

CVE-2021-1928

Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.1CVSS

6.5AI Score

0.001EPSS

2021-09-08 12:15 PM

cve

CVE-2021-1972

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructu...

9.8CVSS

9.6AI Score

0.002EPSS

2021-09-08 12:15 PM

cve

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

8.4CVSS

7.9AI Score

0.0004EPSS

2023-03-10 09:15 PM

cve

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

8.4CVSS

7.9AI Score

0.0004EPSS

2023-06-06 08:15 AM

cve

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-09-05 07:15 AM

cve

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI command.

6.1CVSS

5.5AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-09-05 07:15 AM

cve

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-09-05 07:15 AM