Apq8096Au Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-01	CVE-2021-35105	Incorrect Type Conversion or Cast vulnerability in Qualcomm products Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-704	7.2
2022-04-01	CVE-2021-35115	Use After Free vulnerability in Qualcomm products Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile local low complexity qualcomm CWE-416	4.6
2022-04-01	CVE-2021-35117	Out-of-bounds Read vulnerability in Qualcomm products An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music network low complexity qualcomm CWE-125 critical	9.4
2022-02-11	CVE-2021-30318	Classic Buffer Overflow vulnerability in Qualcomm products Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-120	4.6
2022-02-11	CVE-2021-30323	Classic Buffer Overflow vulnerability in Qualcomm products Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-120	7.2
2022-02-11	CVE-2021-30324	Classic Buffer Overflow vulnerability in Qualcomm products Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-120	4.6
2022-02-11	CVE-2021-30325	Improper Validation of Array Index vulnerability in Qualcomm products Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-129	4.6
2022-02-11	CVE-2021-35069	Integer Overflow or Wraparound vulnerability in Qualcomm products Improper validation of data length received from DMA buffer can lead to memory corruption. local low complexity qualcomm CWE-190	7.2
2022-01-13	CVE-2021-30300	Incorrect Type Conversion or Cast vulnerability in Qualcomm products Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-704	5.0
2022-01-13	CVE-2021-30313	Use After Free vulnerability in Qualcomm products Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local qualcomm CWE-416	4.4