Lucene search

Qsm8250 Firmware Security Vulnerabilities - CVSS Score 9 - 10

cve

CVE-2020-11170

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...

9.8CVSS

9.2AI Score

0.002EPSS

2021-02-22 07:15 AM

cve

CVE-2020-11182

Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

9.8CVSS

9.5AI Score

0.002EPSS

2021-06-09 05:15 AM

cve

CVE-2020-11301

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

9.1CVSS

7.2AI Score

0.001EPSS

2021-09-08 12:15 PM

cve

CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & M...

9CVSS

7.4AI Score

0.0004EPSS

2021-11-12 07:15 AM

cve

CVE-2021-1942

Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastru...

9.3CVSS

8.8AI Score

0.0004EPSS

2022-04-01 05:15 AM

cve

CVE-2021-30275

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networ...

9.3CVSS

7.8AI Score

0.0004EPSS

2022-01-03 08:15 AM

cve

CVE-2021-30276

Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking

9.3CVSS

7.6AI Score

0.0004EPSS

2022-01-03 08:15 AM

cve

CVE-2021-30285

Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

9.3CVSS

8.6AI Score

0.0004EPSS

2022-01-13 12:15 PM

cve

CVE-2021-30351

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wear...

9.8CVSS

9.4AI Score

0.002EPSS

2022-01-03 08:15 AM

110

cve

CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netw...

9.8CVSS

9.6AI Score

0.002EPSS

2022-06-14 10:15 AM

cve

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS

9.8AI Score

0.002EPSS

2022-10-19 11:15 AM

cve

CVE-2022-33231

Memory corruption due to double free in core while initializing the encryption key.

9.3CVSS

7.8AI Score

0.0004EPSS

2023-04-13 07:15 AM

cve

CVE-2022-33232

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

9.3CVSS

7.8AI Score

0.0004EPSS

2023-02-12 04:15 AM

cve

CVE-2022-33234

Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

9.8CVSS

9.5AI Score

0.002EPSS

2022-11-15 10:15 AM

cve

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

9.3CVSS

7AI Score

0.0004EPSS

2023-03-10 09:15 PM

cve

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

9.3CVSS

9AI Score

0.0004EPSS

2023-04-13 07:15 AM

cve

CVE-2022-40510

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

9.8CVSS

9.6AI Score

0.001EPSS

2023-08-08 10:15 AM

cve

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

9.8CVSS

9.6AI Score

0.002EPSS

2023-02-12 04:15 AM

cve

CVE-2023-21651

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

9.3CVSS

7.5AI Score

0.0004EPSS

2023-08-08 10:15 AM

cve

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

9.3CVSS

7.8AI Score

0.0004EPSS

2024-01-02 06:15 AM

cve

CVE-2023-33072

Memory corruption in Core while processing control functions.

9.3CVSS

7.8AI Score

0.0004EPSS

2024-02-06 06:16 AM