Total
317 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30283 | 1 Qualcomm | 38 Qca6391, Qca6391 Firmware, Qcm6490 and 35 more | 2024-11-21 | 2.1 LOW | 7.1 HIGH |
|
Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
|
|||||
| CVE-2021-30282 | 1 Qualcomm | 250 Ar8031, Ar8031 Firmware, Ar8035 and 247 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30281 | 1 Qualcomm | 294 Aqt1000, Aqt1000 Firmware, Ar8031 and 291 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30279 | 1 Qualcomm | 124 Ar8035, Ar8035 Firmware, Qca6390 and 121 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30278 | 1 Qualcomm | 252 Ar8031, Ar8031 Firmware, Ar8035 and 249 more | 2024-11-21 | 2.1 LOW | 7.1 HIGH |
|
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30276 | 1 Qualcomm | 116 Ar8035, Ar8035 Firmware, Qca6390 and 113 more | 2024-11-21 | 7.2 HIGH | 9.3 CRITICAL |
|
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30275 | 1 Qualcomm | 254 Ar8031, Ar8031 Firmware, Ar8035 and 251 more | 2024-11-21 | 7.2 HIGH | 9.3 CRITICAL |
|
Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30274 | 1 Qualcomm | 252 Ar8031, Ar8031 Firmware, Ar8035 and 249 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30272 | 1 Qualcomm | 392 Apq8009w, Apq8009w Firmware, Apq8017 and 389 more | 2024-11-21 | 7.2 HIGH | 7.3 HIGH |
|
Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30270 | 1 Qualcomm | 310 Apq8009w, Apq8009w Firmware, Apq8017 and 307 more | 2024-11-21 | 7.2 HIGH | 7.3 HIGH |
|
Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30269 | 1 Qualcomm | 234 Ar8031, Ar8031 Firmware, Ar8035 and 231 more | 2024-11-21 | 7.2 HIGH | 7.3 HIGH |
|
Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30266 | 1 Qualcomm | 408 Apq8009, Apq8009 Firmware, Apq8053 and 405 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30265 | 1 Qualcomm | 190 Apq8053, Apq8053 Firmware, Aqt1000 and 187 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Possible memory corruption due to improper validation of memory address while processing user-space IOCTL for clearing Filter and Route statistics in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||
| CVE-2021-30264 | 1 Qualcomm | 388 Apq8009, Apq8009 Firmware, Apq8053 and 385 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30262 | 1 Qualcomm | 210 Apq8009w, Apq8009w Firmware, Aqt1000 and 207 more | 2024-11-21 | 4.6 MEDIUM | 8.4 HIGH |
|
Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||
| CVE-2021-30259 | 1 Qualcomm | 316 Aqt1000, Aqt1000 Firmware, Ar8031 and 313 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-1942 | 1 Qualcomm | 222 Aqt1000, Aqt1000 Firmware, Ar8031 and 219 more | 2024-11-21 | 7.2 HIGH | 9.3 CRITICAL |
|
Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-1924 | 1 Qualcomm | 634 Apq8009, Apq8009 Firmware, Apq8009w and 631 more | 2024-11-21 | 2.1 LOW | 9.0 CRITICAL |
|
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-1921 | 1 Qualcomm | 114 Aqt1000, Aqt1000 Firmware, Qca6390 and 111 more | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
|
|||||
| CVE-2021-1894 | 1 Qualcomm | 234 Ar8031, Ar8031 Firmware, Ar8035 and 231 more | 2024-11-21 | 7.2 HIGH | 7.1 HIGH |
|
Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2020-11263 | 1 Qualcomm | 122 Ar8035, Ar8035 Firmware, Qca6390 and 119 more | 2024-11-21 | 4.6 MEDIUM | 7.3 HIGH |
|
An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2024-33014 | 1 Qualcomm | 650 315 5g Iot Modem, 315 5g Iot Modem Firmware, 860 Mobile Platform and 647 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing ESP IE from beacon/probe response frame.
|
|||||
| CVE-2024-33015 | 1 Qualcomm | 390 Ar8035, Ar8035 Firmware, Csr8811 and 387 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
|
|||||
| CVE-2024-33025 | 1 Qualcomm | 338 Csr8811, Csr8811 Firmware, Fastconnect 6800 and 335 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
|
|||||
| CVE-2024-33024 | 1 Qualcomm | 362 Ar8035, Ar8035 Firmware, Csr8811 and 359 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
|
|||||
| CVE-2024-33026 | 1 Qualcomm | 330 Ar8035, Ar8035 Firmware, Csr8811 and 327 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
|
|||||
| CVE-2024-33023 | 1 Qualcomm | 314 Ar8035, Ar8035 Firmware, Csra6620 and 311 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.
|
|||||
| CVE-2024-33022 | 1 Qualcomm | 248 Ar8035, Ar8035 Firmware, Csra6620 and 245 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption while allocating memory in HGSL driver.
|
|||||
| CVE-2024-33021 | 1 Qualcomm | 276 Ar8035, Ar8035 Firmware, Csra6620 and 273 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption while processing IOCTL call to set metainfo.
|
|||||
| CVE-2024-33020 | 1 Qualcomm | 196 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 193 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while processing TID-to-link mapping IE elements.
|
|||||
| CVE-2024-33028 | 1 Qualcomm | 276 Ar8035, Ar8035 Firmware, Csra6620 and 273 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
|
|||||
| CVE-2024-33034 | 1 Qualcomm | 210 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 207 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.
|
|||||
| CVE-2024-38408 | 1 Qualcomm | 470 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 467 more | 2024-11-08 | N/A | 9.1 CRITICAL |
|
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
|
|||||
| CVE-2024-38423 | 1 Qualcomm | 412 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 409 more | 2024-11-07 | N/A | 7.8 HIGH |
|
Memory corruption while processing GPU page table switch.
|
|||||
| CVE-2024-38422 | 1 Qualcomm | 536 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 533 more | 2024-11-07 | N/A | 7.8 HIGH |
|
Memory corruption while processing voice packet with arbitrary data received from ADSP.
|
|||||
| CVE-2024-38419 | 1 Qualcomm | 296 Ar8035, Ar8035 Firmware, Csra6620 and 293 more | 2024-11-07 | N/A | 7.8 HIGH |
|
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
|
|||||
| CVE-2024-38415 | 1 Qualcomm | 356 215 Mobile Platform, 215 Mobile Platform Firmware, Ar8035 and 353 more | 2024-11-07 | N/A | 7.8 HIGH |
|
Memory corruption while handling session errors from firmware.
|
|||||