Lucene search

K
QualcommSdx24 Firmware

475 matches found

CVE
CVE
added 2021/06/09 5:15 a.m.78 views

CVE-2020-11178

Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon V...

7.8CVSS7.5AI score0.00033EPSS
CVE
CVE
added 2021/07/13 6:15 a.m.78 views

CVE-2021-1889

Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.4AI score0.00035EPSS
CVE
CVE
added 2022/04/01 5:15 a.m.78 views

CVE-2021-30333

Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS8AI score0.0012EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.78 views

CVE-2021-30344

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.6AI score0.00338EPSS
CVE
CVE
added 2023/02/12 4:15 a.m.78 views

CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

7.8CVSS8AI score0.00074EPSS
CVE
CVE
added 2023/02/12 4:15 a.m.78 views

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

7.5CVSS7.6AI score0.00123EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.77 views

CVE-2020-11163

Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.6AI score0.00356EPSS
CVE
CVE
added 2021/09/08 12:15 p.m.77 views

CVE-2021-1972

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructu...

10CVSS9.6AI score0.00262EPSS
CVE
CVE
added 2022/02/11 11:15 a.m.77 views

CVE-2021-30318

Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.8AI score0.00085EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.76 views

CVE-2020-11159

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon I...

9.4CVSS9.2AI score0.00239EPSS
CVE
CVE
added 2021/09/17 7:15 a.m.76 views

CVE-2021-1976

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Ne...

10CVSS9.3AI score0.00285EPSS
CVE
CVE
added 2022/01/03 8:15 a.m.76 views

CVE-2021-30278

Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.1CVSS5.5AI score0.00045EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.76 views

CVE-2021-30281

Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wear...

8.4CVSS7.6AI score0.00143EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.75 views

CVE-2020-11241

Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...

7.8CVSS7.6AI score0.00245EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.75 views

CVE-2020-11269

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdra...

8.8CVSS8.8AI score0.00074EPSS
CVE
CVE
added 2021/07/13 6:15 a.m.75 views

CVE-2021-1890

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.2AI score0.00039EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.75 views

CVE-2021-30341

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

10CVSS9.6AI score0.00363EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.74 views

CVE-2020-11165

Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastruc...

7.8CVSS8.1AI score0.00041EPSS
CVE
CVE
added 2021/09/08 12:15 p.m.74 views

CVE-2020-11264

Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap...

10CVSS8.1AI score0.00193EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.74 views

CVE-2020-11276

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer I...

9.4CVSS9.1AI score0.00239EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.74 views

CVE-2021-35078

Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.8CVSS7.6AI score0.00388EPSS
CVE
CVE
added 2022/11/15 10:15 a.m.74 views

CVE-2022-25724

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.00097EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.73 views

CVE-2019-2260

A race condition occurs while processing perf-event which can lead to a use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM96...

7CVSS7AI score0.00032EPSS
CVE
CVE
added 2020/11/02 7:15 a.m.73 views

CVE-2020-11174

u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapd...

7.8CVSS7.6AI score0.00043EPSS
CVE
CVE
added 2021/09/08 12:15 p.m.73 views

CVE-2020-11301

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

9.1CVSS7.2AI score0.02348EPSS
CVE
CVE
added 2022/12/13 4:15 p.m.73 views

CVE-2022-33268

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.2CVSS8AI score0.00078EPSS
CVE
CVE
added 2023/08/08 10:15 a.m.73 views

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

7.1CVSS7AI score0.0005EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.72 views

CVE-2020-11177

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

8.8CVSS8.7AI score0.00033EPSS
CVE
CVE
added 2021/03/17 6:15 a.m.72 views

CVE-2020-11220

While processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a specific time while executing the storage SCM call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrago...

6.4CVSS6.7AI score0.00036EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.72 views

CVE-2020-11235

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

7.8CVSS7.9AI score0.00035EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.72 views

CVE-2021-35083

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

9.4CVSS9AI score0.00142EPSS
CVE
CVE
added 2023/02/12 4:15 a.m.72 views

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

7.8CVSS7.9AI score0.0006EPSS
CVE
CVE
added 2023/02/12 4:15 a.m.72 views

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

8.2CVSS7.7AI score0.00091EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.71 views

CVE-2019-2277

Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD...

7.8CVSS7.5AI score0.00042EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.71 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.7AI score0.00033EPSS
CVE
CVE
added 2022/02/11 11:15 a.m.71 views

CVE-2021-30322

Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.7AI score0.00094EPSS
CVE
CVE
added 2023/03/10 9:15 p.m.71 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.70 views

CVE-2018-11930

Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM...

10CVSS9.2AI score0.00266EPSS
CVE
CVE
added 2020/09/08 10:15 a.m.69 views

CVE-2019-13994

u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Cons...

7.8CVSS7.6AI score0.00111EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.69 views

CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netw...

10CVSS9.6AI score0.00701EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.68 views

CVE-2018-11967

Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library is loaded is allocated from userspace currently in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...

7.8CVSS7.7AI score0.00035EPSS
CVE
CVE
added 2020/06/02 3:15 p.m.68 views

CVE-2019-14042

Out of bound read in in fingerprint application due to requested data assigned to a local buffer without length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired In...

7.1CVSS7.4AI score0.00043EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.68 views

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...

6CVSS5.9AI score0.00094EPSS
CVE
CVE
added 2020/09/08 10:15 a.m.67 views

CVE-2019-10527

u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range which could lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Co...

7.8CVSS7.6AI score0.00039EPSS
CVE
CVE
added 2022/10/19 11:15 a.m.67 views

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS9.8AI score0.0029EPSS
CVE
CVE
added 2022/01/03 8:15 a.m.66 views

CVE-2021-30335

Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

8.4CVSS7.7AI score0.00033EPSS
CVE
CVE
added 2023/03/10 9:15 p.m.66 views

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

7.8CVSS8AI score0.0006EPSS
CVE
CVE
added 2023/02/12 4:15 a.m.66 views

CVE-2022-33232

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

9.3CVSS8.4AI score0.0006EPSS
CVE
CVE
added 2023/03/10 9:15 p.m.66 views

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

9.3CVSS7.6AI score0.00042EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.65 views

CVE-2019-2264

Null pointer dereference occurs for channel context while opening glink channel in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MDM9640, MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 6...

7.8CVSS7.7AI score0.00042EPSS
Total number of security vulnerabilities475