Vulnerabilities > Qualcomm

DATE CVE VULNERABILITY TITLE RISK
2021-07-13 CVE-2020-11307 Improper Validation of Array Index vulnerability in Qualcomm products
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
network
low complexity
qualcomm CWE-129
critical
10.0
2021-07-13 CVE-2021-1886 Out-Of-Bounds Write vulnerability in Qualcomm products
Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-787
7.2
2021-07-13 CVE-2021-1887 Reachable Assertion vulnerability in Qualcomm products
An assertion can be reached in the WLAN subsystem while using the Wi-Fi Fine Timing Measurement protocol in Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-617
5.0
2021-07-13 CVE-2021-1888 Double Free vulnerability in Qualcomm products
Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-415
7.2
2021-07-13 CVE-2021-1889 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-120
7.2
2021-07-13 CVE-2021-1890 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qualcomm products
Improper length check of public exponent in RSA import key function could cause memory corruption.
local
low complexity
qualcomm CWE-119
7.2
2021-07-13 CVE-2021-1896 Unspecified vulnerability in Qualcomm products
Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity
low complexity
qualcomm
3.3
2021-07-13 CVE-2021-1897 Out-Of-Bounds Read vulnerability in Qualcomm products
Possible Buffer Over-read due to lack of validation of boundary checks when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-125
2.1
2021-07-13 CVE-2021-1898 Out-Of-Bounds Read vulnerability in Qualcomm products
Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-125
2.1
2021-07-13 CVE-2021-1899 Out-Of-Bounds Read vulnerability in Qualcomm products
Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-125
2.1