Lucene search

K
QualcommWcd9385 Firmware

923 matches found

CVE
CVE
added 2021/03/17 6:15 a.m.81 views

CVE-2020-11199

HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...

5.5CVSS5.5AI score0.00045EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.81 views

CVE-2020-11270

Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industria...

7.8CVSS7.5AI score0.00245EPSS
CVE
CVE
added 2021/07/13 6:15 a.m.81 views

CVE-2021-1886

Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.4AI score0.00039EPSS
CVE
CVE
added 2021/09/17 7:15 a.m.81 views

CVE-2021-1947

Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

8.4CVSS7.6AI score0.00096EPSS
CVE
CVE
added 2022/01/03 8:15 a.m.81 views

CVE-2021-30262

Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

8.4CVSS7.6AI score0.00043EPSS
CVE
CVE
added 2022/02/11 11:15 a.m.81 views

CVE-2021-30309

Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS8AI score0.0005EPSS
CVE
CVE
added 2021/10/20 7:15 a.m.81 views

CVE-2021-30312

Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wire...

7.5CVSS7.2AI score0.00186EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.81 views

CVE-2021-35096

Improper memory allocation during counter check DLM handling can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.5AI score0.00245EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.81 views

CVE-2021-35111

Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile

7.5CVSS5.8AI score0.0019EPSS
CVE
CVE
added 2023/09/05 7:15 a.m.81 views

CVE-2022-33220

Information disclosure in Automotive multimedia due to buffer over-read.

5.5CVSS5.3AI score0.00019EPSS
CVE
CVE
added 2023/11/07 6:15 a.m.81 views

CVE-2023-28554

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.

6.1CVSS5.5AI score0.00056EPSS
CVE
CVE
added 2024/02/06 6:16 a.m.81 views

CVE-2023-33067

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.

7.8CVSS7.9AI score0.0002EPSS
CVE
CVE
added 2024/02/06 6:16 a.m.81 views

CVE-2023-33069

Memory corruption in Audio while processing the calibration data returned from ACDB loader.

7.8CVSS7.8AI score0.0002EPSS
CVE
CVE
added 2024/09/02 12:15 p.m.81 views

CVE-2024-33038

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.

7.8CVSS7.8AI score0.00039EPSS
CVE
CVE
added 2024/09/02 12:15 p.m.81 views

CVE-2024-33043

Transient DOS while handling PS event when Program Service name length offset value is set to 255.

5.5CVSS5.5AI score0.00036EPSS
CVE
CVE
added 2024/09/02 12:15 p.m.81 views

CVE-2024-33054

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.

7.8CVSS7.9AI score0.00039EPSS
CVE
CVE
added 2024/11/04 10:15 a.m.81 views

CVE-2024-38421

Memory corruption while processing GPU commands.

7.8CVSS7.9AI score0.00035EPSS
CVE
CVE
added 2021/03/17 6:15 a.m.80 views

CVE-2020-11166

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...

9.1CVSS9AI score0.00286EPSS
CVE
CVE
added 2021/03/17 6:15 a.m.80 views

CVE-2020-11221

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdra...

5.5CVSS5.5AI score0.00045EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.80 views

CVE-2020-11275

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

9.4CVSS9.2AI score0.00286EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.80 views

CVE-2020-11280

Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapd...

7.8CVSS7.5AI score0.00245EPSS
CVE
CVE
added 2021/10/20 7:15 a.m.80 views

CVE-2021-1980

Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...

9.1CVSS7.6AI score0.00434EPSS
CVE
CVE
added 2023/10/03 6:15 a.m.80 views

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

8.2CVSS7.5AI score0.00137EPSS
CVE
CVE
added 2023/10/03 6:15 a.m.80 views

CVE-2023-24855

Memory corruption in Modem while processing security related configuration before AS Security Exchange.

9.8CVSS9.1AI score0.00213EPSS
CVE
CVE
added 2023/08/08 10:15 a.m.80 views

CVE-2023-28537

Memory corruption while allocating memory in COmxApeDec module in Audio.

8.4CVSS8.1AI score0.00053EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.79 views

CVE-2020-11178

Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon V...

7.8CVSS7.5AI score0.00033EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.79 views

CVE-2020-11238

Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, ...

7.8CVSS7.6AI score0.00317EPSS
CVE
CVE
added 2021/07/13 6:15 a.m.79 views

CVE-2021-1888

Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.4AI score0.00039EPSS
CVE
CVE
added 2021/07/13 6:15 a.m.79 views

CVE-2021-1889

Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.4AI score0.00035EPSS
CVE
CVE
added 2021/07/13 6:15 a.m.79 views

CVE-2021-1953

Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon M...

7.5CVSS7.6AI score0.0026EPSS
CVE
CVE
added 2022/04/01 5:15 a.m.79 views

CVE-2021-30333

Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS8AI score0.0012EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.79 views

CVE-2021-30344

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.6AI score0.00338EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.79 views

CVE-2021-35071

Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruc...

5.5CVSS5.7AI score0.00109EPSS
CVE
CVE
added 2022/09/02 12:15 p.m.79 views

CVE-2021-35133

Use after free in the synx driver issue while performing other functions during multiple invocation of synx release calls in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

6.7CVSS7.2AI score0.00039EPSS
CVE
CVE
added 2023/01/09 8:15 a.m.79 views

CVE-2022-25725

Denial of service in MODEM due to improper pointer handling

6.2CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2023/03/10 9:15 p.m.79 views

CVE-2022-33245

Memory corruption in WLAN due to use after free

7.8CVSS7AI score0.00029EPSS
CVE
CVE
added 2023/02/12 4:15 a.m.79 views

CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

7.8CVSS8AI score0.00074EPSS
CVE
CVE
added 2023/02/12 4:15 a.m.79 views

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

7.5CVSS7.6AI score0.00123EPSS
CVE
CVE
added 2023/08/08 10:15 a.m.79 views

CVE-2023-28555

Transient DOS in Audio while remapping channel buffer in media codec decoding.

7.5CVSS7.7AI score0.00123EPSS
CVE
CVE
added 2023/11/07 6:15 a.m.79 views

CVE-2023-28568

Information disclosure in WLAN HAL when reception status handler is called.

6.1CVSS5.6AI score0.00054EPSS
CVE
CVE
added 2023/11/07 6:15 a.m.79 views

CVE-2023-28569

Information disclosure in WLAN HAL while handling command through WMI interfaces.

6.1CVSS5.7AI score0.00054EPSS
CVE
CVE
added 2024/02/06 6:15 a.m.79 views

CVE-2023-33058

Information disclosure in Modem while processing SIB5.

9.1CVSS8.9AI score0.00082EPSS
CVE
CVE
added 2024/11/04 10:15 a.m.79 views

CVE-2024-38423

Memory corruption while processing GPU page table switch.

7.8CVSS7.9AI score0.00035EPSS
CVE
CVE
added 2025/06/03 6:15 a.m.79 views

CVE-2025-21486

Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.

7.8CVSS7.9AI score0.00017EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.78 views

CVE-2020-11159

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon I...

9.4CVSS9.2AI score0.00239EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.78 views

CVE-2020-11163

Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.6AI score0.00356EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.78 views

CVE-2020-11182

Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.5AI score0.00427EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.78 views

CVE-2020-11194

Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Netw...

7.8CVSS7.8AI score0.00033EPSS
CVE
CVE
added 2021/09/09 8:15 a.m.78 views

CVE-2021-1948

Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon ...

7.8CVSS7.5AI score0.00479EPSS
CVE
CVE
added 2021/09/09 8:15 a.m.78 views

CVE-2021-1961

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.8AI score0.01145EPSS
Total number of security vulnerabilities923