Qca6421 Firmware Security Vulnerabilities and Issues — Page 3 of Qca6421 Firmware CVE List

Lucene search

QualcommQca6421 Firmware

407 matches found

CVE•added 2023/10/03 6:15 a.m.•74 views

CVE-2023-33035

Memory corruption while invoking callback function of AFE from ADSP.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2024/01/02 6:15 a.m.•74 views

CVE-2023-33114

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.

8.4CVSS7.9AI score0.00112EPSS

CVE•added 2022/11/15 10:15 a.m.•73 views

CVE-2022-25724

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.00097EPSS

CVE•added 2023/09/05 7:15 a.m.•73 views

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

8.4CVSS8.1AI score0.00044EPSS

CVE•added 2023/08/08 10:15 a.m.•73 views

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

7.1CVSS7AI score0.0005EPSS

CVE•added 2023/11/07 6:15 a.m.•73 views

CVE-2023-28572

Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.

8.8CVSS7.3AI score0.00102EPSS

CVE•added 2024/04/01 3:15 p.m.•73 views

CVE-2023-33115

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

7.8CVSS8AI score0.00044EPSS

CVE•added 2021/02/22 7:15 a.m.•72 views

CVE-2020-11177

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

8.8CVSS8.7AI score0.00033EPSS

CVE•added 2021/06/09 5:15 a.m.•72 views

CVE-2020-11235

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2021/09/08 12:15 p.m.•72 views

CVE-2020-11301

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

9.1CVSS7.2AI score0.02348EPSS

CVE•added 2022/06/14 10:15 a.m.•72 views

CVE-2021-35083

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

9.4CVSS9AI score0.00142EPSS

CVE•added 2022/06/14 10:15 a.m.•72 views

CVE-2021-35086

Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.6AI score0.00415EPSS

CVE•added 2023/02/12 4:15 a.m.•72 views

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2023/02/12 4:15 a.m.•72 views

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

8.2CVSS7.7AI score0.00091EPSS

CVE•added 2021/02/22 7:15 a.m.•71 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2021/02/22 7:15 a.m.•71 views

CVE-2020-11278

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapd...

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2023/04/13 7:15 a.m.•71 views

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

9.3CVSS9.4AI score0.00051EPSS

CVE•added 2023/03/10 9:15 p.m.•71 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/08/08 10:15 a.m.•71 views

CVE-2023-21649

Memory corruption in WLAN while running doDriverCmd for an unspecific command.

7.8CVSS7AI score0.00034EPSS

CVE•added 2023/07/04 5:15 a.m.•71 views

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

7.8CVSS7.8AI score0.0006EPSS

CVE•added 2021/07/13 6:15 a.m.•70 views

CVE-2021-1938

Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdr...

7.5CVSS7.6AI score0.0026EPSS

CVE•added 2022/06/14 10:15 a.m.•70 views

CVE-2021-35076

Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.6AI score0.0042EPSS

CVE•added 2023/07/04 5:15 a.m.•70 views

CVE-2023-28542

Memory Corruption in WLAN HOST while fetching TX status information.

7.8CVSS7.7AI score0.0006EPSS

CVE•added 2024/02/06 6:15 a.m.•70 views

CVE-2023-33049

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage.

7.5CVSS7.5AI score0.00092EPSS

CVE•added 2024/02/06 6:16 a.m.•70 views

CVE-2023-33072

Memory corruption in Core while processing control functions.

9.3CVSS7.8AI score0.00029EPSS

CVE•added 2021/02/22 7:15 a.m.•69 views

CVE-2020-11281

Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S...

7.5CVSS7.3AI score0.0024EPSS

CVE•added 2023/03/10 9:15 p.m.•69 views

CVE-2022-25709

Memory corruption in modem due to use of out of range pointer offset while processing qmi msg

8.4CVSS8AI score0.00067EPSS

CVE•added 2023/03/10 9:15 p.m.•69 views

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

7.8CVSS7.9AI score0.00046EPSS

CVE•added 2023/10/03 6:15 a.m.•69 views

CVE-2023-21673

Improper Access to the VM resource manager can lead to Memory Corruption.

8.7CVSS7.9AI score0.00024EPSS

CVE•added 2023/07/04 5:15 a.m.•69 views

CVE-2023-22386

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.

7.8CVSS7.6AI score0.00051EPSS

CVE•added 2023/10/03 6:15 a.m.•69 views

CVE-2023-24843

Transient DOS in Modem while triggering a camping on an 5G cell.

7.5CVSS7.5AI score0.00087EPSS

CVE•added 2023/11/07 6:15 a.m.•69 views

CVE-2023-28556

Cryptographic issue in HLOS during key management.

7.8CVSS7.2AI score0.00045EPSS

CVE•added 2024/01/02 6:15 a.m.•69 views

CVE-2023-33036

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.

7.1CVSS5.5AI score0.00049EPSS

CVE•added 2024/01/02 6:15 a.m.•69 views

CVE-2023-33037

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.

7.1CVSS5.5AI score0.00033EPSS

CVE•added 2021/07/13 6:15 a.m.•68 views

CVE-2020-11307

Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

10CVSS9.5AI score0.00262EPSS

CVE•added 2021/02/22 7:15 a.m.•68 views

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...

6CVSS5.9AI score0.00094EPSS

CVE•added 2023/04/13 7:15 a.m.•68 views

CVE-2022-33296

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.

7.8CVSS6.7AI score0.00042EPSS

CVE•added 2024/04/01 3:15 p.m.•68 views

CVE-2023-33023

Memory corruption while processing finish_sign command to pass a rsp buffer.

8.4CVSS8.7AI score0.00044EPSS

CVE•added 2023/12/05 3:15 a.m.•68 views

CVE-2023-33044

Transient DOS in Data modem while handling TLB control messages from the Network.

7.5CVSS7.5AI score0.00187EPSS

CVE•added 2024/02/06 6:16 a.m.•68 views

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.

7.5CVSS7.5AI score0.00122EPSS

CVE•added 2024/05/06 3:15 p.m.•68 views

CVE-2024-21475

Memory corruption when the payload received from firmware is not as per the expected protocol size.

7.8CVSS7.2AI score0.00082EPSS

CVE•added 2021/02/22 7:15 a.m.•67 views

CVE-2020-11253

Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2022/06/14 10:15 a.m.•67 views

CVE-2021-35090

Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

9.3CVSS7.8AI score0.00179EPSS

CVE•added 2022/09/02 12:15 p.m.•67 views

CVE-2022-22067

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

7.8CVSS7.6AI score0.00157EPSS

CVE•added 2022/10/19 11:15 a.m.•67 views

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS9.8AI score0.0029EPSS

CVE•added 2023/06/06 8:15 a.m.•67 views

CVE-2022-40521

Transient DOS due to improper authorization in Modem

7.5CVSS7.5AI score0.00106EPSS

CVE•added 2023/07/04 5:15 a.m.•67 views

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

6.8CVSS6.6AI score0.00073EPSS

CVE•added 2024/02/06 6:16 a.m.•67 views

CVE-2023-33076

Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.