Wcd9340 Firmware@- Security Vulnerabilities and Issues — Page 5 of Wcd9340 Firmware@- CVE List

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon I...

9.4CVSS9.2AI score0.00239EPSS

CVE•added 2021/02/22 7:15 a.m.•78 views

CVE-2020-11163

Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.6AI score0.00356EPSS

CVE•added 2021/06/09 5:15 a.m.•78 views

CVE-2020-11182

Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.5AI score0.00427EPSS

CVE•added 2022/06/14 10:15 a.m.•78 views

CVE-2022-22086

Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.5AI score0.00163EPSS

CVE•added 2022/12/13 4:15 p.m.•78 views

CVE-2022-25711

Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.8CVSS7.8AI score0.0003EPSS

CVE•added 2024/08/05 3:15 p.m.•78 views

CVE-2024-33028

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.

8.4CVSS8.6AI score0.00156EPSS

CVE•added 2024/11/04 10:15 a.m.•78 views

CVE-2024-38405

Transient DOS while processing the CU information from RNR IE.

7.5CVSS6.8AI score0.00191EPSS

CVE•added 2021/06/09 5:15 a.m.•77 views

CVE-2020-11126

Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice ...

9.4CVSS9AI score0.00286EPSS

CVE•added 2021/06/09 5:15 a.m.•77 views

CVE-2020-11241

Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2021/07/13 6:15 a.m.•77 views

CVE-2021-1896

Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity

4.3CVSS4.8AI score0.00031EPSS

CVE•added 2022/01/03 8:15 a.m.•77 views

CVE-2021-30278

Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.1CVSS5.5AI score0.00045EPSS

CVE•added 2022/06/14 10:15 a.m.•77 views

CVE-2021-30281

Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wear...

8.4CVSS7.6AI score0.00143EPSS

CVE•added 2022/10/19 11:15 a.m.•77 views

CVE-2022-25664

Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.2CVSS5.4AI score0.00235EPSS

CVE•added 2023/12/05 3:15 a.m.•77 views

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

7.8CVSS7AI score0.0004EPSS

CVE•added 2023/11/07 6:15 a.m.•77 views

CVE-2023-28570

Memory corruption while processing audio effects.

7.8CVSS7.2AI score0.0004EPSS

CVE•added 2024/04/01 3:15 p.m.•77 views

CVE-2023-33115

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

7.8CVSS8AI score0.0006EPSS

CVE•added 2021/06/09 5:15 a.m.•76 views

CVE-2020-11161

Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.1CVSS7AI score0.00043EPSS

CVE•added 2021/02/22 7:15 a.m.•76 views

CVE-2020-11269

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdra...

8.8CVSS8.8AI score0.00074EPSS

CVE•added 2023/04/13 7:15 a.m.•76 views

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

7.8CVSS7.3AI score0.00033EPSS

CVE•added 2023/10/03 6:15 a.m.•76 views

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

7.8CVSS7.2AI score0.00032EPSS

CVE•added 2023/09/05 7:15 a.m.•76 views

CVE-2023-28562

Memory corruption while handling payloads from remote ESL.

9.8CVSS9.8AI score0.0008EPSS

CVE•added 2021/06/09 5:15 a.m.•75 views

CVE-2020-11165

Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastruc...

7.8CVSS8.1AI score0.00041EPSS

CVE•added 2021/02/22 7:15 a.m.•75 views

CVE-2020-11276

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer I...

9.4CVSS9.1AI score0.00239EPSS

CVE•added 2022/06/14 10:15 a.m.•75 views

CVE-2021-35078

Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.8CVSS7.6AI score0.00457EPSS

CVE•added 2022/12/13 4:15 p.m.•75 views

CVE-2022-25712

Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables

7.8CVSS7.9AI score0.0004EPSS

CVE•added 2023/09/05 7:15 a.m.•75 views

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

8.4CVSS8.1AI score0.00044EPSS

CVE•added 2023/03/10 9:15 p.m.•75 views

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

8.4CVSS8.3AI score0.00046EPSS

CVE•added 2024/05/06 3:15 p.m.•75 views

CVE-2023-43524

Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

7.8CVSS7.1AI score0.00031EPSS

CVE•added 2021/06/09 5:15 a.m.•74 views

CVE-2020-11160

Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.6AI score0.00047EPSS

CVE•added 2021/02/22 7:15 a.m.•74 views

CVE-2020-11278

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapd...

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2022/06/14 10:15 a.m.•74 views

CVE-2021-35100

Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.6AI score0.00476EPSS

CVE•added 2022/09/02 12:15 p.m.•74 views

CVE-2022-25657

Memory corruption due to buffer overflow occurs while processing invalid MKV clip which has invalid seek header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

9.8CVSS9.7AI score0.00216EPSS

CVE•added 2022/10/19 11:15 a.m.•74 views

CVE-2022-25666

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.7CVSS7AI score0.00044EPSS

CVE•added 2022/12/13 4:15 p.m.•74 views

CVE-2022-25677

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

7.8CVSS8AI score0.00036EPSS

CVE•added 2023/02/12 4:15 a.m.•74 views

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2023/02/12 4:15 a.m.•74 views

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

8.2CVSS7.7AI score0.00091EPSS

CVE•added 2023/08/08 10:15 a.m.•74 views

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

7.1CVSS7AI score0.0005EPSS

CVE•added 2023/11/07 6:15 a.m.•74 views

CVE-2023-33045

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

9.8CVSS9.7AI score0.0021EPSS

CVE•added 2024/05/06 3:15 p.m.•74 views

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

7.8CVSS7AI score0.00031EPSS

CVE•added 2024/07/01 3:15 p.m.•74 views

CVE-2024-21456

Information Disclosure while parsing beacon frame in STA.

9.1CVSS6.9AI score0.00149EPSS

CVE•added 2021/02/22 7:15 a.m.•73 views

CVE-2020-11177

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

8.8CVSS8.7AI score0.00033EPSS

CVE•added 2021/03/17 6:15 a.m.•73 views

CVE-2020-11220

While processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a specific time while executing the storage SCM call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrago...

6.4CVSS6.7AI score0.00036EPSS

CVE•added 2021/06/09 5:15 a.m.•73 views

CVE-2020-11235

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2021/07/13 6:15 a.m.•73 views

CVE-2021-1938

Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdr...

7.5CVSS7.6AI score0.0026EPSS

CVE•added 2022/06/14 10:15 a.m.•73 views

CVE-2021-35083

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

9.4CVSS9AI score0.0016EPSS

Total number of security vulnerabilities669