Sa6145p Firmware@- Security Vulnerabilities and Issues — Page 7 of Sa6145p Firmware@- CVE List

Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

7.8CVSS7.7AI score0.00039EPSS

CVE•added 2021/10/20 7:15 a.m.•59 views

CVE-2021-1977

Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon I...

9.1CVSS7.6AI score0.00336EPSS

CVE•added 2022/06/14 10:15 a.m.•59 views

CVE-2021-35071

Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruc...

5.5CVSS5.7AI score0.00109EPSS

CVE•added 2022/09/02 12:15 p.m.•59 views

CVE-2022-22070

Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.8AI score0.00071EPSS

CVE•added 2023/03/10 9:15 p.m.•59 views

CVE-2022-33245

Memory corruption in WLAN due to use after free

7.8CVSS7AI score0.00029EPSS

CVE•added 2023/03/10 9:15 p.m.•59 views

CVE-2022-33260

Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.

7.8CVSS7AI score0.00032EPSS

CVE•added 2023/04/13 7:15 a.m.•59 views

CVE-2022-33282

Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.

8.4CVSS8.2AI score0.00046EPSS

CVE•added 2023/09/05 7:15 a.m.•59 views

CVE-2023-21664

Memory Corruption in Core Platform while printing the response buffer in log.

7.8CVSS7.8AI score0.00053EPSS

CVE•added 2023/09/05 7:15 a.m.•59 views

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

7.8CVSS8AI score0.0003EPSS

CVE•added 2023/12/05 3:15 a.m.•59 views

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

7.8CVSS7.9AI score0.00062EPSS

CVE•added 2024/01/02 6:15 a.m.•59 views

CVE-2023-33032

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

9.3CVSS7.7AI score0.0006EPSS

CVE•added 2024/03/04 11:15 a.m.•59 views

CVE-2023-43548

Memory corruption while parsing qcp clip with invalid chunk data size.

9.8CVSS7.4AI score0.00106EPSS

CVE•added 2021/01/21 10:15 a.m.•58 views

CVE-2020-11119

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, ...

7.5CVSS7.8AI score0.0026EPSS

CVE•added 2021/09/09 8:15 a.m.•58 views

CVE-2021-1948

Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon ...

7.8CVSS7.5AI score0.00479EPSS

CVE•added 2024/11/22 10:15 a.m.•58 views

CVE-2021-30299

Possible out of bound access in audio module due to lack of validation of user provided input.

6.7CVSS6.5AI score0.0003EPSS

CVE•added 2021/10/20 7:15 a.m.•58 views

CVE-2021-30312

Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wire...

7.5CVSS7.2AI score0.00186EPSS

CVE•added 2022/09/02 12:15 p.m.•58 views

CVE-2021-35135

A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.2CVSS5.7AI score0.00047EPSS

CVE•added 2023/07/04 5:15 a.m.•58 views

CVE-2023-21637

Memory corruption in Linux while calling system configuration APIs.

7.8CVSS7AI score0.00029EPSS

CVE•added 2023/08/08 10:15 a.m.•58 views

CVE-2023-21643

Memory corruption due to untrusted pointer dereference in automotive during system call.

9.1CVSS8AI score0.00067EPSS

CVE•added 2023/10/03 6:15 a.m.•58 views

CVE-2023-22382

Weak configuration in Automotive while VM is processing a listener request from TEE.

8.2CVSS7.8AI score0.00026EPSS

CVE•added 2023/10/03 6:15 a.m.•58 views

CVE-2023-24850

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

7.8CVSS7.6AI score0.0003EPSS

CVE•added 2024/01/02 6:15 a.m.•58 views

CVE-2023-28583

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2023/12/05 3:15 a.m.•58 views

CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

9.1CVSS9.3AI score0.0013EPSS

CVE•added 2021/11/12 7:15 a.m.•57 views

CVE-2021-1975

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.6AI score0.00325EPSS

CVE•added 2022/10/19 11:15 a.m.•57 views

CVE-2022-25660

Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.8AI score0.0008EPSS

CVE•added 2022/12/13 4:15 p.m.•57 views

CVE-2022-25681

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.7AI score0.00079EPSS

CVE•added 2022/10/19 11:15 a.m.•57 views

CVE-2022-25749

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...

7.5CVSS7.7AI score0.00259EPSS

CVE•added 2023/01/09 8:15 a.m.•57 views

CVE-2022-33266

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.

7.8CVSS7AI score0.00059EPSS

CVE•added 2023/06/06 8:15 a.m.•57 views

CVE-2022-40522

Memory corruption in Linux Networking due to double free while handling a hyp-assign.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•57 views

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

8.2CVSS8AI score0.0004EPSS

CVE•added 2023/09/05 7:15 a.m.•57 views

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

7.8CVSS8AI score0.00027EPSS

CVE•added 2023/09/05 7:15 a.m.•57 views

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

7.8CVSS7.9AI score0.0003EPSS

CVE•added 2023/09/05 7:15 a.m.•57 views

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2024/01/02 6:15 a.m.•57 views

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

9.3CVSS7.8AI score0.0006EPSS

CVE•added 2024/01/02 6:15 a.m.•57 views

CVE-2023-33062

Transient DOS in WLAN Firmware while parsing a BTM request.

7.5CVSS7.5AI score0.00188EPSS

CVE•added 2024/01/02 6:15 a.m.•57 views

CVE-2023-33118

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

7.8CVSS7.9AI score0.0011EPSS

CVE•added 2024/12/02 11:15 a.m.•57 views

CVE-2024-33036

Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.

6.7CVSS6.6AI score0.00015EPSS

CVE•added 2023/05/02 6:15 a.m.•56 views

CVE-2023-21642

Memory corruption in HAB Memory management due to broad system privileges via physical address.

8.4CVSS8AI score0.00051EPSS

CVE•added 2023/08/08 10:15 a.m.•56 views

CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

6.5CVSS6.4AI score0.00227EPSS

CVE•added 2023/09/05 7:15 a.m.•56 views

CVE-2023-21667

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.

6.5CVSS6.4AI score0.00066EPSS

CVE•added 2023/12/05 3:15 a.m.•56 views

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2023/09/05 7:15 a.m.•56 views

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

7.8CVSS8AI score0.00053EPSS

CVE•added 2023/10/03 6:15 a.m.•56 views

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

6.1CVSS5.7AI score0.00027EPSS

Total number of security vulnerabilities584