Qca6595au Firmware Security Vulnerabilities and Issues — Qca6595au Firmware CVE List

Lucene search

QualcommQca6595au Firmware

55 matches found

CVE•added 2021/05/07 9:15 a.m.•1009 views

CVE-2021-1906

Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.2CVSS6.9AI score0.00136EPSS

CVE•added 2022/02/11 11:15 a.m.•87 views

CVE-2021-30324

Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdra...

6.7CVSS6.8AI score0.00047EPSS

CVE•added 2023/11/07 6:15 a.m.•87 views

CVE-2023-28553

Information Disclosure in WLAN Host when processing WMI event command.

6.1CVSS5.5AI score0.00056EPSS

CVE•added 2023/03/10 9:15 p.m.•81 views

CVE-2022-22075

Information Disclosure in Graphics during GPU context switch.

6.2CVSS5.5AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•79 views

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI command.

6.1CVSS5.6AI score0.00054EPSS

CVE•added 2023/01/09 8:15 a.m.•78 views

CVE-2022-25725

Denial of service in MODEM due to improper pointer handling

6.2CVSS5.6AI score0.00044EPSS

CVE•added 2023/11/07 6:15 a.m.•76 views

CVE-2023-28569

Information disclosure in WLAN HAL while handling command through WMI interfaces.

6.1CVSS5.7AI score0.00054EPSS

CVE•added 2025/01/06 11:15 a.m.•75 views

CVE-2024-23366

Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size.

6.6CVSS6.4AI score0.00019EPSS

CVE•added 2021/06/09 5:15 a.m.•73 views

CVE-2020-11160

Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.6AI score0.00047EPSS

CVE•added 2022/02/11 11:15 a.m.•73 views

CVE-2021-30325

Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and ...

6.7CVSS6.6AI score0.00047EPSS

CVE•added 2023/02/12 4:15 a.m.•73 views

CVE-2022-33216

Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.

6CVSS5.5AI score0.00022EPSS

CVE•added 2025/01/06 11:15 a.m.•71 views

CVE-2024-43063

information disclosure while invoking the mailbox read API.

6.1CVSS6.1AI score0.00019EPSS

CVE•added 2023/11/07 6:15 a.m.•69 views

CVE-2023-28566

Information disclosure in WLAN HAL while handling the WMI state info command.

6.1CVSS5.7AI score0.00056EPSS

CVE•added 2021/02/22 7:15 a.m.•68 views

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...

6CVSS5.9AI score0.00094EPSS

CVE•added 2023/07/04 5:15 a.m.•67 views

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

6.8CVSS6.6AI score0.00073EPSS

CVE•added 2022/11/15 10:15 a.m.•66 views

CVE-2022-25676

Information disclosure in video due to buffer over-read while parsing avi files in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.8CVSS5.7AI score0.00044EPSS

CVE•added 2023/04/13 7:15 a.m.•66 views

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8CVSS6.8AI score0.00039EPSS

CVE•added 2022/06/14 10:15 a.m.•61 views

CVE-2021-35120

Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

6.7CVSS6.8AI score0.00099EPSS

CVE•added 2023/11/07 6:15 a.m.•61 views

CVE-2023-28554

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.

6.1CVSS5.5AI score0.00056EPSS

CVE•added 2021/09/09 8:15 a.m.•60 views

CVE-2021-1961

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.8AI score0.01103EPSS

CVE•added 2021/09/08 12:15 p.m.•58 views

CVE-2021-1904

Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...

6.2CVSS5.5AI score0.00094EPSS

CVE•added 2022/09/02 12:15 p.m.•58 views

CVE-2021-35135

A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.2CVSS5.7AI score0.00047EPSS

CVE•added 2022/06/14 10:15 a.m.•56 views

CVE-2021-35092

Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.7CVSS6.8AI score0.00036EPSS

CVE•added 2023/08/08 10:15 a.m.•56 views

CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

6.5CVSS6.4AI score0.00227EPSS

CVE•added 2023/09/05 7:15 a.m.•56 views

CVE-2023-21667

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.

6.5CVSS6.4AI score0.00066EPSS

CVE•added 2023/10/03 6:15 a.m.•56 views

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

6.1CVSS5.7AI score0.00027EPSS

CVE•added 2022/10/19 11:15 a.m.•55 views

CVE-2022-25664

Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.2CVSS5.4AI score0.00158EPSS

CVE•added 2023/07/04 5:15 a.m.•55 views

CVE-2023-21624

Information disclosure in DSP Services while loading dynamic module.

6.2CVSS5.6AI score0.0004EPSS

CVE•added 2022/06/14 10:15 a.m.•54 views

CVE-2021-35118

An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.7AI score0.00084EPSS

CVE•added 2023/06/06 8:15 a.m.•54 views

CVE-2022-40533

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.

6.2CVSS5.7AI score0.00044EPSS

CVE•added 2023/01/09 8:15 a.m.•53 views

CVE-2022-40518

Information disclosure due to buffer overread in Core

6.8CVSS5.7AI score0.00047EPSS

CVE•added 2023/12/05 3:15 a.m.•50 views

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.5CVSS6.1AI score0.00039EPSS

CVE•added 2023/01/09 8:15 a.m.•48 views

CVE-2022-40519

Information disclosure due to buffer overread in Core

6.8CVSS5.7AI score0.00047EPSS

CVE•added 2021/05/07 9:15 a.m.•47 views

CVE-2020-11293

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon V...

6CVSS6.1AI score0.00047EPSS

CVE•added 2021/10/20 7:15 a.m.•47 views

CVE-2021-1969

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

6.2CVSS5.5AI score0.00035EPSS

CVE•added 2022/10/19 11:15 a.m.•47 views

CVE-2022-25666

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.7CVSS7AI score0.0004EPSS

CVE•added 2021/11/12 7:15 a.m.•46 views

CVE-2021-30266

Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infr...

6.7CVSS6.8AI score0.00029EPSS

CVE•added 2021/09/08 12:15 p.m.•45 views

CVE-2021-1929

Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.2CVSS5.5AI score0.00045EPSS

CVE•added 2021/09/09 8:15 a.m.•44 views

CVE-2021-1963

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.7AI score0.00048EPSS

CVE•added 2022/01/03 8:15 a.m.•44 views

CVE-2021-30348

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2024/05/06 3:15 p.m.•43 views

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

6.1CVSS6.6AI score0.00041EPSS

CVE•added 2025/01/06 11:15 a.m.•43 views

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2021/09/09 8:15 a.m.•42 views

CVE-2021-1962

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruct...

6.7CVSS6.6AI score0.00059EPSS

CVE•added 2021/11/12 7:15 a.m.•42 views

CVE-2021-30264

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

6.7CVSS6.7AI score0.00048EPSS

CVE•added 2021/09/09 8:15 a.m.•41 views

CVE-2021-1960

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2021/10/20 7:15 a.m.•41 views

CVE-2021-1968

6.2CVSS5.5AI score0.00018EPSS

CVE•added 2021/09/09 8:15 a.m.•40 views

CVE-2021-1956

Improper handling of ASB-U packet with L2CAP channel ID by slave host can lead to interference with piconet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2021/11/12 7:15 a.m.•40 views

CVE-2021-30265

Possible memory corruption due to improper validation of memory address while processing user-space IOCTL for clearing Filter and Route statistics in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

6.7CVSS6.9AI score0.00055EPSS

CVE•added 2022/01/13 12:15 p.m.•40 views

CVE-2021-30313

Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

6.7CVSS6.8AI score0.00076EPSS

CVE•added 2022/01/13 12:15 p.m.•40 views

CVE-2021-30314

Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.2CVSS5.5AI score0.00096EPSS

Total number of security vulnerabilities55