Vulnerabilities > Qualcomm > Ar8035 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2021-35102 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
local
low complexity
qualcomm CWE-120
7.8
2022-06-14 CVE-2021-35104 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-120
critical
9.8
2022-06-14 CVE-2021-35111 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile
network
high complexity
qualcomm CWE-367
5.9
2022-06-14 CVE-2021-35112 Incorrect Authorization vulnerability in Qualcomm products
A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-863
7.8
2022-06-14 CVE-2021-35118 Out-of-bounds Write vulnerability in Qualcomm products
An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-787
6.7
2022-06-14 CVE-2021-35119 Out-of-bounds Read vulnerability in Qualcomm products
Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-125
5.5
2022-06-14 CVE-2021-35120 Use After Free vulnerability in Qualcomm products
Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-416
6.7
2022-06-14 CVE-2021-35129 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-120
7.8
2022-06-14 CVE-2021-35130 Use After Free vulnerability in Qualcomm products
Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-416
7.8
2022-06-14 CVE-2022-22057 Race Condition vulnerability in Qualcomm products
Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-362
7.8