Qca6426 Firmware Security Vulnerabilities and Issues — Page 2 of Qca6426 Firmware CVE List

Lucene search

QualcommQca6426 Firmware

637 matches found

CVE•added 2021/02/22 7:15 a.m.•104 views

CVE-2020-11277

Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

7.4CVSS7.5AI score0.00027EPSS

CVE•added 2021/07/13 6:15 a.m.•104 views

CVE-2021-1907

Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.5CVSS7.8AI score0.00329EPSS

CVE•added 2023/06/06 8:15 a.m.•104 views

CVE-2023-21669

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.

8.2CVSS7.5AI score0.0008EPSS

CVE•added 2023/09/05 7:15 a.m.•104 views

CVE-2023-28581

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.

9.8CVSS9.8AI score0.00133EPSS

CVE•added 2021/06/09 5:15 a.m.•102 views

CVE-2020-11262

A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

7CVSS7.1AI score0.00034EPSS

CVE•added 2021/02/22 7:15 a.m.•102 views

CVE-2020-11271

Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructur...

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2022/06/14 10:15 a.m.•102 views

CVE-2022-22064

Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2021/06/09 5:15 a.m.•101 views

CVE-2020-11250

Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure an...

7CVSS7.2AI score0.00029EPSS

CVE•added 2022/02/11 11:15 a.m.•100 views

CVE-2021-30326

Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.5CVSS7.6AI score0.0026EPSS

CVE•added 2022/04/01 5:15 a.m.•100 views

CVE-2021-30332

Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.5CVSS7.6AI score0.0026EPSS

CVE•added 2021/03/17 6:15 a.m.•99 views

CVE-2020-11308

Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size is more than required in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.2CVSS6.8AI score0.00037EPSS

CVE•added 2021/03/17 6:15 a.m.•99 views

CVE-2020-11309

Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS8AI score0.00037EPSS

CVE•added 2022/02/11 11:15 a.m.•99 views

CVE-2021-30317

Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

9.3CVSS7.7AI score0.00041EPSS

CVE•added 2022/06/14 10:15 a.m.•99 views

CVE-2022-22087

memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.7AI score0.00369EPSS

CVE•added 2021/07/13 6:15 a.m.•98 views

CVE-2021-1964

Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.5CVSS7.6AI score0.00394EPSS

CVE•added 2024/02/06 6:16 a.m.•98 views

CVE-2023-43513

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.

7.8CVSS7.7AI score0.00053EPSS

CVE•added 2024/04/01 3:15 p.m.•98 views

CVE-2024-21468

Memory corruption when there is failed unmap operation in GPU.

8.4CVSS8.6AI score0.00044EPSS

CVE•added 2021/03/17 6:15 a.m.•97 views

CVE-2020-11226

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.5CVSS7.5AI score0.0024EPSS

CVE•added 2022/06/14 10:15 a.m.•97 views

CVE-2022-22082

Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.00123EPSS

CVE•added 2024/01/02 6:15 a.m.•97 views

CVE-2023-33120

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

7.8CVSS7.9AI score0.00136EPSS

CVE•added 2022/02/11 11:15 a.m.•96 views

CVE-2021-30324

Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdra...

6.7CVSS6.8AI score0.00047EPSS

CVE•added 2023/01/09 8:15 a.m.•96 views

CVE-2022-33255

Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.

8.2CVSS6.8AI score0.0008EPSS

CVE•added 2023/12/05 3:15 a.m.•96 views

CVE-2023-28588

Transient DOS in Bluetooth Host while rfc slot allocation.

7.5CVSS7.5AI score0.00435EPSS

CVE•added 2021/03/17 6:15 a.m.•95 views

CVE-2020-11186

Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

5.5CVSS5.6AI score0.00044EPSS

CVE•added 2021/02/22 7:15 a.m.•95 views

CVE-2020-11297

Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdr...

7.8CVSS7.5AI score0.00245EPSS

CVE•added 2022/09/16 6:15 a.m.•95 views

CVE-2022-22095

Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.8AI score0.00089EPSS

CVE•added 2023/03/10 9:15 p.m.•95 views

CVE-2022-40537

Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.

9.8CVSS8AI score0.00071EPSS

CVE•added 2023/09/05 7:15 a.m.•95 views

CVE-2023-33021

Memory corruption in Graphics while processing user packets for command submission.

8.4CVSS8.2AI score0.00029EPSS

CVE•added 2021/07/13 6:15 a.m.•94 views

CVE-2021-1970

Possible out of bound read due to lack of length check of FT sub-elements in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.5CVSS7.5AI score0.00216EPSS

CVE•added 2022/04/01 5:15 a.m.•94 views

CVE-2021-30329

Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2022/06/14 10:15 a.m.•94 views

CVE-2021-35112

A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...

8.4CVSS7.6AI score0.00085EPSS

CVE•added 2023/11/07 6:15 a.m.•94 views

CVE-2023-28553

Information Disclosure in WLAN Host when processing WMI event command.

6.1CVSS5.5AI score0.00056EPSS

CVE•added 2021/03/17 6:15 a.m.•93 views

CVE-2020-11190

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

9.1CVSS9.1AI score0.0037EPSS

CVE•added 2021/11/12 7:15 a.m.•93 views

CVE-2021-30259

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure a...

7.8CVSS7.7AI score0.00048EPSS

CVE•added 2023/07/04 5:15 a.m.•93 views

CVE-2023-22387

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.

7.8CVSS7.6AI score0.00051EPSS

CVE•added 2023/03/10 9:15 p.m.•92 views

CVE-2022-22075

Information Disclosure in Graphics during GPU context switch.

6.2CVSS5.5AI score0.0006EPSS

CVE•added 2023/09/05 7:15 a.m.•92 views

CVE-2023-21636

Memory Corruption due to improper validation of array index in Linux while updating adn record.

7.8CVSS6.9AI score0.00021EPSS

CVE•added 2023/05/02 6:15 a.m.•92 views

CVE-2023-21665

Memory corruption in Graphics while importing a file.

8.4CVSS8.1AI score0.0007EPSS

CVE•added 2023/12/05 3:15 a.m.•92 views

CVE-2023-33079

Memory corruption in Audio while running invalid audio recording from ADSP.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•91 views

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from ADSP.

7.8CVSS7.8AI score0.00062EPSS

CVE•added 2021/09/08 12:15 p.m.•90 views

CVE-2021-1972

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructu...

10CVSS9.6AI score0.00262EPSS

CVE•added 2023/11/07 6:15 a.m.•90 views

CVE-2023-33031

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

7.8CVSS7.9AI score0.00062EPSS

CVE•added 2024/04/01 3:15 p.m.•90 views

CVE-2023-33111

Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command.

5.5CVSS5.4AI score0.00035EPSS

CVE•added 2022/09/02 12:15 p.m.•89 views

CVE-2022-22059

Memory corruption due to out of bound read while parsing a video file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.8AI score0.00106EPSS

CVE•added 2023/04/13 7:15 a.m.•89 views

CVE-2022-33231

Memory corruption due to double free in core while initializing the encryption key.

9.3CVSS8.1AI score0.00044EPSS

CVE•added 2024/01/02 6:15 a.m.•89 views

CVE-2023-33117

Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.

7.8CVSS7.8AI score0.0011EPSS

CVE•added 2021/03/17 6:15 a.m.•88 views

CVE-2020-11189

9.1CVSS9.1AI score0.0037EPSS

CVE•added 2022/04/01 5:15 a.m.•88 views

CVE-2021-30331

Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

5.5CVSS6AI score0.00047EPSS

CVE•added 2022/09/16 6:15 a.m.•88 views

CVE-2022-25670

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...

7.5CVSS7.5AI score0.00155EPSS

CVE•added 2023/11/07 6:15 a.m.•88 views

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

9.8CVSS9.6AI score0.00164EPSS

Total number of security vulnerabilities637