CVE-2021-1930

Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-1936

Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

CVE-2020-11135

u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, Kamorta, MSM8917, MSM8953, Nicobar, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDM429, SDM439, SDM450...

CVE-2020-3688

Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in A...

CVE-2021-1923

Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT

CVE-2022-40517

Memory corruption in core due to stack-based buffer overflow

CVE-2024-33037

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.

CVE-2024-38408

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

CVE-2025-21431

Information disclosure may be there when a guest VM is connected.

CVE-2020-11122

u'Null Pointer exception while playing crafted mkv file as data stream get deleted on secondary invalid configuration' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8098, Bitra, Kamorta, SA6155P, Saipan, SM6150, SM7150, SM8150, SM8250, SXR2130

CVE-2021-1932

Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastru...

CVE-2024-33053

Memory corruption when multiple threads try to unregister the CVP buffer at the same time.

CVE-2024-38424

Memory corruption during GNSS HAL process initialization.

CVE-2021-30315

Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto

CVE-2024-21467

Information disclosure while handling beacon probe frame during scan entry generation in client side.

CVE-2019-14000

Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and potential information leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2020-11304

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CVE-2021-30289

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2024-33068

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

CVE-2025-21425

Memory corruption may occur due top improper access control in HAB process.

CVE-2024-21459

Information disclosure while handling beacon or probe response frame in STA.

CVE-2024-43067

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.

CVE-2024-53019

Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.

CVE-2020-3643

u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired In...

CVE-2023-43555

Information disclosure in Video while parsing mp2 clip with invalid section length.

CVE-2024-33032

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.

CVE-2024-33022

Memory corruption while allocating memory in HGSL driver.

CVE-2024-23357

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

CVE-2024-21481

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

CVE-2024-23356

Memory corruption during session sign renewal request calls in HLOS.

CVE-2024-23355

Memory corruption when keymaster operation imports a shared key.

CVE-2024-21479

Transient DOS during music playback of ALAC content.

CVE-2024-33021

Memory corruption while processing IOCTL call to set metainfo.

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

CVE-2025-27043

Memory corruption while processing manipulated payload in video firmware.

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

CVE-2025-27052

Memory corruption while processing data packets in diag received from Unix clients.

CVE-2024-53009

Memory corruption while operating the mailbox in Automotive.

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA.

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

CVE-2025-21454

Transient DOS while processing received beacon frame.

CVE-2025-21427

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

CVE-2025-21446

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

CVE-2025-21449

Transient DOS may occur while processing malformed length field in SSID IEs.

CVE-2025-21456

Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.

CVE-2025-21474

Memory corruption while processing commands from A2dp sink command queue.

CVE-2025-27072

Information disclosure while processing a packet at EAVB BE side with invalid header length.