Lucene search

K
QualcommSm4350 Firmware

68 matches found

CVE
CVE
added 2021/06/09 5:15 a.m.1011 views

CVE-2020-11261

Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

7.8CVSS8.4AI score0.00286EPSS
CVE
CVE
added 2023/04/13 7:15 a.m.381 views

CVE-2022-40503

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

8.2CVSS7.7AI score0.00068EPSS
CVE
CVE
added 2023/04/13 7:15 a.m.335 views

CVE-2022-33298

Memory corruption due to use after free in Modem while modem initialization.

7.8CVSS7.1AI score0.00028EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.284 views

CVE-2023-33063

Memory corruption in DSP Services during a remote call from HLOS to DSP.

7.8CVSS8.1AI score0.00227EPSS
CVE
CVE
added 2023/06/06 8:15 a.m.105 views

CVE-2023-21657

Memoru corruption in Audio when ADSP sends input during record use case.

7.8CVSS7.8AI score0.00054EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.104 views

CVE-2020-11239

Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...

7.8CVSS8AI score0.00063EPSS
CVE
CVE
added 2023/06/06 8:15 a.m.101 views

CVE-2023-21670

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

7.8CVSS7.8AI score0.00035EPSS
CVE
CVE
added 2023/06/06 8:15 a.m.97 views

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

7.8CVSS7.9AI score0.00053EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.94 views

CVE-2020-11277

Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

7.4CVSS7.5AI score0.00027EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.93 views

CVE-2020-11262

A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

7CVSS7.1AI score0.00034EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.91 views

CVE-2020-11250

Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure an...

7CVSS7.2AI score0.00029EPSS
CVE
CVE
added 2023/04/13 7:15 a.m.89 views

CVE-2022-33231

Memory corruption due to double free in core while initializing the encryption key.

9.3CVSS8.1AI score0.00044EPSS
CVE
CVE
added 2023/10/03 6:15 a.m.85 views

CVE-2023-33029

Memory corruption in DSP Service during a remote call from HLOS to DSP.

8.4CVSS8AI score0.0006EPSS
CVE
CVE
added 2023/04/13 7:15 a.m.84 views

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

8.4CVSS8.2AI score0.00051EPSS
CVE
CVE
added 2023/06/06 8:15 a.m.84 views

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

8.4CVSS8.2AI score0.00053EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.82 views

CVE-2020-11198

Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.2CVSS6.8AI score0.00021EPSS
CVE
CVE
added 2023/06/06 8:15 a.m.82 views

CVE-2022-40529

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

7.8CVSS7.3AI score0.00033EPSS
CVE
CVE
added 2023/05/02 6:15 a.m.82 views

CVE-2023-21665

Memory corruption in Graphics while importing a file.

8.4CVSS8.1AI score0.0007EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.81 views

CVE-2020-11296

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

7.5CVSS7.7AI score0.0026EPSS
CVE
CVE
added 2023/11/07 6:15 a.m.81 views

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from ADSP.

7.8CVSS7.8AI score0.00062EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.80 views

CVE-2020-11270

Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industria...

7.8CVSS7.5AI score0.00245EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.79 views

CVE-2020-11275

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

9.4CVSS9.2AI score0.00286EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.79 views

CVE-2020-11280

Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapd...

7.8CVSS7.5AI score0.00245EPSS
CVE
CVE
added 2023/11/07 6:15 a.m.79 views

CVE-2023-33031

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

7.8CVSS7.9AI score0.00062EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.78 views

CVE-2020-11178

Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon V...

7.8CVSS7.5AI score0.00033EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.78 views

CVE-2020-11238

Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, ...

7.8CVSS7.6AI score0.00317EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.77 views

CVE-2020-11182

Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.5AI score0.00427EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.77 views

CVE-2020-11194

Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Netw...

7.8CVSS7.8AI score0.00033EPSS
CVE
CVE
added 2023/08/08 10:15 a.m.77 views

CVE-2023-28555

Transient DOS in Audio while remapping channel buffer in media codec decoding.

7.5CVSS7.7AI score0.00123EPSS
CVE
CVE
added 2023/10/03 6:15 a.m.76 views

CVE-2023-33035

Memory corruption while invoking callback function of AFE from ADSP.

7.8CVSS7.9AI score0.0006EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.75 views

CVE-2020-11241

Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...

7.8CVSS7.6AI score0.00245EPSS
CVE
CVE
added 2023/04/13 7:15 a.m.75 views

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

7.8CVSS7.3AI score0.00033EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.74 views

CVE-2020-11165

Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastruc...

7.8CVSS8.1AI score0.00041EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.74 views

CVE-2020-11276

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer I...

9.4CVSS9.1AI score0.00239EPSS
CVE
CVE
added 2023/09/05 7:15 a.m.73 views

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

8.4CVSS8.1AI score0.00044EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.71 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.7AI score0.00033EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.71 views

CVE-2020-11278

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapd...

7.8CVSS7.6AI score0.00245EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.70 views

CVE-2020-11260

An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS8.4AI score0.00036EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.69 views

CVE-2020-11281

Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S...

7.5CVSS7.3AI score0.0024EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.68 views

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...

6CVSS5.9AI score0.00094EPSS
CVE
CVE
added 2023/04/13 7:15 a.m.68 views

CVE-2022-33296

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.

7.8CVSS6.7AI score0.00042EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.68 views

CVE-2023-33044

Transient DOS in Data modem while handling TLB control messages from the Network.

7.5CVSS7.5AI score0.00187EPSS
CVE
CVE
added 2023/06/06 8:15 a.m.67 views

CVE-2022-40521

Transient DOS due to improper authorization in Modem

7.5CVSS7.5AI score0.00106EPSS
CVE
CVE
added 2023/04/13 7:15 a.m.66 views

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8CVSS6.8AI score0.00039EPSS
CVE
CVE
added 2023/05/02 6:15 a.m.66 views

CVE-2022-33305

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

7.5CVSS7.5AI score0.00106EPSS
CVE
CVE
added 2023/10/03 6:15 a.m.66 views

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

7.5CVSS7.7AI score0.00194EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.66 views

CVE-2023-33043

Transient DOS in Modem when a Beam switch request is made with a non-configured BWP.

7.5CVSS7.5AI score0.00187EPSS
CVE
CVE
added 2023/05/02 8:15 a.m.64 views

CVE-2022-40504

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

7.5CVSS7.5AI score0.00123EPSS
CVE
CVE
added 2023/06/06 8:15 a.m.64 views

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

8.4CVSS8.1AI score0.0301EPSS
CVE
CVE
added 2023/05/02 6:15 a.m.63 views

CVE-2022-34144

Transient DOS due to reachable assertion in Modem during OSI decode scheduling.

7.5CVSS7.5AI score0.00161EPSS
Total number of security vulnerabilities68