Vulnerabilities > Qualcomm > Ar8035 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-09 CVE-2022-40518 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure due to buffer overread in Core
local
low complexity
qualcomm CWE-125
5.5
2023-01-09 CVE-2022-40519 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure due to buffer overread in Core
local
low complexity
qualcomm CWE-125
5.5
2022-10-19 CVE-2022-22078 Integer Overflow or Wraparound vulnerability in Qualcomm products
Denial of service in BOOT when partition size for a particular partition is requested due to integer overflow when blocks are calculated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
low complexity
qualcomm CWE-190
4.6
2022-09-02 CVE-2021-35097 Improper Verification of Cryptographic Signature vulnerability in Qualcomm products
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
low complexity
qualcomm CWE-347
6.8
2022-09-02 CVE-2021-35133 Use After Free vulnerability in Qualcomm products
Use after free in the synx driver issue while performing other functions during multiple invocation of synx release calls in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-416
6.7
2022-09-02 CVE-2021-35135 NULL Pointer Dereference vulnerability in Qualcomm products
A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
5.5
2022-06-14 CVE-2021-30339 Unspecified vulnerability in Qualcomm products
Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
5.5
2022-06-14 CVE-2021-30343 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
network
high complexity
qualcomm CWE-367
5.9
2022-06-14 CVE-2021-30345 Unspecified vulnerability in Qualcomm products
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
5.5
2022-06-14 CVE-2021-30346 Unspecified vulnerability in Qualcomm products
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
5.5