Sd855 Firmware@- Security Vulnerabilities and Issues — Page 6 of Sd855 Firmware@- CVE List

Lucene search

QualcommSd855 Firmware-

574 matches found

CVE•added 2024/02/06 6:15 a.m.•73 views

CVE-2023-33049

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage.

7.5CVSS7.5AI score0.00092EPSS

CVE•added 2024/02/06 6:16 a.m.•73 views

CVE-2023-33072

Memory corruption in Core while processing control functions.

9.3CVSS7.8AI score0.00029EPSS

CVE•added 2021/02/22 7:15 a.m.•72 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2022/02/11 11:15 a.m.•72 views

CVE-2021-30322

Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.7AI score0.00094EPSS

CVE•added 2022/06/14 10:15 a.m.•72 views

CVE-2021-30350

Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

8.4CVSS7.9AI score0.00105EPSS

CVE•added 2022/06/14 10:15 a.m.•72 views

CVE-2021-35076

Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.6AI score0.00246EPSS

CVE•added 2023/04/13 7:15 a.m.•72 views

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

9.3CVSS9.4AI score0.00051EPSS

CVE•added 2023/03/10 9:15 p.m.•72 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/10/03 6:15 a.m.•72 views

CVE-2023-21673

Improper Access to the VM resource manager can lead to Memory Corruption.

8.7CVSS7.9AI score0.00024EPSS

CVE•added 2023/10/03 6:15 a.m.•72 views

CVE-2023-24843

Transient DOS in Modem while triggering a camping on an 5G cell.

7.5CVSS7.5AI score0.00087EPSS

CVE•added 2023/11/07 6:15 a.m.•72 views

CVE-2023-28556

Cryptographic issue in HLOS during key management.

7.8CVSS7.2AI score0.00045EPSS

CVE•added 2023/11/07 6:15 a.m.•72 views

CVE-2023-28566

Information disclosure in WLAN HAL while handling the WMI state info command.

6.1CVSS5.7AI score0.00056EPSS

CVE•added 2021/06/09 5:15 a.m.•71 views

CVE-2020-11260

An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS8.4AI score0.00036EPSS

CVE•added 2021/09/09 8:15 a.m.•71 views

CVE-2021-1963

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.7AI score0.00048EPSS

CVE•added 2023/01/09 8:15 a.m.•71 views

CVE-2022-25715

Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields

7.8CVSS7.1AI score0.0004EPSS

CVE•added 2023/01/09 8:15 a.m.•71 views

CVE-2022-25717

Memory corruption in display due to double free while allocating frame buffer memory

7.8CVSS7.2AI score0.00034EPSS

CVE•added 2023/09/05 7:15 a.m.•71 views

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

7.8CVSS7.2AI score0.0002EPSS

CVE•added 2024/04/01 3:15 p.m.•71 views

CVE-2023-33023

Memory corruption while processing finish_sign command to pass a rsp buffer.

8.4CVSS8.7AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•71 views

CVE-2023-33044

Transient DOS in Data modem while handling TLB control messages from the Network.

7.5CVSS7.5AI score0.00187EPSS

CVE•added 2024/02/06 6:16 a.m.•71 views

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.

7.5CVSS7.5AI score0.00122EPSS

CVE•added 2024/08/05 3:15 p.m.•71 views

CVE-2024-33027

Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.

8.4CVSS8.5AI score0.00132EPSS

CVE•added 2021/02/22 7:15 a.m.•70 views

CVE-2020-11281

Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S...

7.5CVSS7.3AI score0.0024EPSS

CVE•added 2022/06/14 10:15 a.m.•70 views

CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netw...

10CVSS9.6AI score0.00387EPSS

CVE•added 2023/03/10 9:15 p.m.•70 views

CVE-2022-25709

Memory corruption in modem due to use of out of range pointer offset while processing qmi msg

8.4CVSS8AI score0.00067EPSS

CVE•added 2023/03/10 9:15 p.m.•70 views

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

7.8CVSS7.9AI score0.00046EPSS

CVE•added 2023/02/12 4:15 a.m.•70 views

CVE-2022-33246

Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.

7.8CVSS6.9AI score0.00034EPSS

CVE•added 2023/07/04 5:15 a.m.•70 views

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

6.8CVSS6.6AI score0.00073EPSS

CVE•added 2023/08/08 10:15 a.m.•70 views

CVE-2023-21650

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.

7.8CVSS7AI score0.00036EPSS

CVE•added 2023/10/03 6:15 a.m.•70 views

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

7.5CVSS7.7AI score0.00194EPSS

CVE•added 2024/01/02 6:15 a.m.•70 views

CVE-2023-33036

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.

7.1CVSS5.5AI score0.00049EPSS

CVE•added 2024/02/06 6:16 a.m.•70 views

CVE-2023-43536

Transient DOS while parse fils IE with length equal to 1.

7.5CVSS7.5AI score0.00123EPSS

CVE•added 2021/07/13 6:15 a.m.•69 views

CVE-2020-11307

Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

10CVSS9.5AI score0.00356EPSS

CVE•added 2021/02/22 7:15 a.m.•69 views

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...

6CVSS5.9AI score0.00094EPSS

CVE•added 2022/09/02 12:15 p.m.•69 views

CVE-2022-25659

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.7AI score0.00179EPSS

CVE•added 2022/10/19 11:15 a.m.•69 views

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS9.8AI score0.00328EPSS

CVE•added 2023/04/13 7:15 a.m.•69 views

CVE-2022-33296

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.

7.8CVSS6.7AI score0.00042EPSS

CVE•added 2023/03/10 9:15 p.m.•69 views

CVE-2022-40515

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

9.8CVSS8AI score0.00071EPSS

CVE•added 2023/06/06 8:15 a.m.•69 views

CVE-2022-40521

Transient DOS due to improper authorization in Modem

7.5CVSS7.5AI score0.00106EPSS

CVE•added 2023/10/03 6:15 a.m.•69 views

CVE-2023-24847

Transient DOS in Modem while allocating DSM items.

7.5CVSS7.5AI score0.00178EPSS

CVE•added 2023/09/05 7:15 a.m.•69 views

CVE-2023-28544

Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2024/02/06 6:15 a.m.•69 views

CVE-2023-33057

Transient DOS in Multi-Mode Call Processor while processing UE policy container.

7.5CVSS7.5AI score0.00096EPSS

CVE•added 2024/04/01 3:15 p.m.•69 views

CVE-2023-33101

Transient DOS while processing DL NAS TRANSPORT message with payload length 0.

7.5CVSS7.6AI score0.00107EPSS

CVE•added 2021/02/22 7:15 a.m.•68 views

CVE-2020-11253

Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2021/09/09 8:15 a.m.•68 views

CVE-2021-1962

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruct...

6.7CVSS6.6AI score0.00059EPSS

CVE•added 2022/09/02 12:15 p.m.•68 views

CVE-2022-22067

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

7.8CVSS7.6AI score0.00222EPSS

CVE•added 2024/04/01 3:15 p.m.•68 views

CVE-2023-28547

Memory corruption in SPS Application while requesting for public key in sorter TA.

8.4CVSS8.7AI score0.0006EPSS

CVE•added 2024/02/06 6:16 a.m.•68 views

CVE-2023-33076

Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.

7.8CVSS7.8AI score0.00031EPSS

CVE•added 2021/10/20 7:15 a.m.•67 views

CVE-2021-1968

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

6.2CVSS5.5AI score0.00018EPSS

CVE•added 2022/06/14 10:15 a.m.•67 views

CVE-2021-35116

APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.7CVSS6.9AI score0.00044EPSS

CVE•added 2022/11/15 10:15 a.m.•67 views

CVE-2022-25676

Information disclosure in video due to buffer over-read while parsing avi files in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.8CVSS5.7AI score0.00052EPSS

Total number of security vulnerabilities574