Sdx55 Firmware@- Security Vulnerabilities and Issues — Page 9 of Sdx55 Firmware@- CVE List

Lucene search

QualcommSdx55 Firmware-

851 matches found

CVE•added 2023/11/07 6:15 a.m.•60 views

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

8.4CVSS7.8AI score0.00054EPSS

CVE•added 2024/01/02 6:15 a.m.•60 views

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

8.4CVSS7.8AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•60 views

CVE-2023-33081

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

7.5CVSS7.5AI score0.00147EPSS

CVE•added 2024/01/02 6:15 a.m.•60 views

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

7.5CVSS7.6AI score0.00173EPSS

CVE•added 2020/03/05 9:15 a.m.•59 views

CVE-2019-10553

Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ...

9.4CVSS9.2AI score0.00219EPSS

CVE•added 2021/02/22 7:15 a.m.•59 views

CVE-2020-11204

Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

7.8CVSS7.7AI score0.00039EPSS

CVE•added 2020/06/02 3:15 p.m.•59 views

CVE-2020-3615

Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values used to check the frame subtype in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IO...

9.8CVSS9.3AI score0.00336EPSS

CVE•added 2020/11/02 7:15 a.m.•59 views

CVE-2020-3657

u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobil...

10CVSS9.4AI score0.03072EPSS

CVE•added 2021/09/17 7:15 a.m.•59 views

CVE-2021-1947

Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

8.4CVSS7.6AI score0.00096EPSS

CVE•added 2021/10/20 7:15 a.m.•59 views

CVE-2021-30312

Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wire...

7.5CVSS7.2AI score0.00186EPSS

CVE•added 2022/06/14 10:15 a.m.•59 views

CVE-2021-35071

Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruc...

5.5CVSS5.7AI score0.00109EPSS

CVE•added 2022/09/02 12:15 p.m.•59 views

CVE-2022-22070

Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.8AI score0.00071EPSS

CVE•added 2023/03/10 9:15 p.m.•59 views

CVE-2022-33245

Memory corruption in WLAN due to use after free

7.8CVSS7AI score0.00029EPSS

CVE•added 2023/09/05 7:15 a.m.•59 views

CVE-2023-21664

Memory Corruption in Core Platform while printing the response buffer in log.

7.8CVSS7.8AI score0.00053EPSS

CVE•added 2023/09/05 7:15 a.m.•59 views

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

7.8CVSS8AI score0.0003EPSS

CVE•added 2023/12/05 3:15 a.m.•59 views

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

7.8CVSS7.9AI score0.00062EPSS

CVE•added 2024/01/02 6:15 a.m.•59 views

CVE-2023-33032

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

9.3CVSS7.7AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•59 views

CVE-2023-33048

Transient DOS in WLAN Firmware while parsing t2lm buffers.

7.5CVSS7.5AI score0.00194EPSS

CVE•added 2020/07/30 12:15 p.m.•58 views

CVE-2019-10580

When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM96...

7.8CVSS7.8AI score0.00096EPSS

CVE•added 2020/09/08 10:15 a.m.•58 views

CVE-2019-14074

u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & ...

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2020/06/02 3:15 p.m.•58 views

CVE-2019-14077

Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infra...

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2021/01/21 10:15 a.m.•58 views

CVE-2020-11119

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, ...

7.5CVSS7.8AI score0.0026EPSS

CVE•added 2020/09/09 7:15 a.m.•58 views

CVE-2020-11124

u'Possible use-after-free while accessing diag client map table since list can be reallocated due to exceeding max client limit.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, QCS404, QCS4...

7.8CVSS7.7AI score0.00037EPSS

CVE•added 2021/03/17 6:15 a.m.•58 views

CVE-2020-11192

Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.3AI score0.00396EPSS

CVE•added 2021/09/09 8:15 a.m.•58 views

CVE-2021-1948

Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon ...

7.8CVSS7.5AI score0.00479EPSS

CVE•added 2024/11/22 10:15 a.m.•58 views

CVE-2021-30299

Possible out of bound access in audio module due to lack of validation of user provided input.

6.7CVSS6.5AI score0.0003EPSS

CVE•added 2022/06/14 10:15 a.m.•58 views

CVE-2021-35087

Possible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.5AI score0.00246EPSS

CVE•added 2022/09/02 12:15 p.m.•58 views

CVE-2021-35135

A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.2CVSS5.7AI score0.00047EPSS

CVE•added 2023/07/04 5:15 a.m.•58 views

CVE-2023-21637

Memory corruption in Linux while calling system configuration APIs.

7.8CVSS7AI score0.00029EPSS

CVE•added 2023/12/05 3:15 a.m.•58 views

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

7.5CVSS7.5AI score0.00148EPSS

CVE•added 2023/12/05 3:15 a.m.•58 views

CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

9.1CVSS9.3AI score0.0013EPSS

CVE•added 2024/03/04 11:15 a.m.•58 views

CVE-2023-33086

Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.

7.5CVSS7.5AI score0.00143EPSS

CVE•added 2024/06/03 10:15 a.m.•58 views

CVE-2023-43551

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

9.1CVSS9.4AI score0.00111EPSS

CVE•added 2020/09/08 10:15 a.m.•57 views

CVE-2019-13998

u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdrag...

7.8CVSS7.8AI score0.00039EPSS

CVE•added 2019/11/21 3:15 p.m.•57 views

CVE-2019-2336

Subsequent use of the CBO listener may result in further memory corruption due to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure a...

5.5CVSS6AI score0.00123EPSS

CVE•added 2020/11/02 7:15 a.m.•57 views

CVE-2020-11169

u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & M...

9.1CVSS9.2AI score0.00286EPSS

CVE•added 2020/11/02 7:15 a.m.•57 views

CVE-2020-3690

u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastruct...

7.8CVSS7.6AI score0.00033EPSS

CVE•added 2021/11/12 7:15 a.m.•57 views

CVE-2021-1975

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.6AI score0.00325EPSS

CVE•added 2022/01/13 12:15 p.m.•57 views

CVE-2021-30287

Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.5CVSS7.6AI score0.00359EPSS

CVE•added 2022/06/14 10:15 a.m.•57 views

CVE-2021-35085

Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.1CVSS7.4AI score0.00037EPSS

CVE•added 2022/06/14 10:15 a.m.•57 views

CVE-2021-35098

Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS7AI score0.00042EPSS

CVE•added 2022/10/19 11:15 a.m.•57 views

CVE-2022-25660

Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.8AI score0.0008EPSS

CVE•added 2022/12/13 4:15 p.m.•57 views

CVE-2022-25681

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.7AI score0.00079EPSS

CVE•added 2022/10/19 11:15 a.m.•57 views

CVE-2022-25749

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...

7.5CVSS7.7AI score0.00259EPSS

CVE•added 2023/01/09 8:15 a.m.•57 views

CVE-2022-33266

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.

7.8CVSS7AI score0.00059EPSS

CVE•added 2023/11/07 6:15 a.m.•57 views

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

8.2CVSS8AI score0.0004EPSS

CVE•added 2023/09/05 7:15 a.m.•57 views

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.