Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-03	CVE-2021-30293	Reachable Assertion vulnerability in Qualcomm products Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT network low complexity qualcomm CWE-617	5.0
2022-01-03	CVE-2021-30298	Classic Buffer Overflow vulnerability in Qualcomm products Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-120	4.6
2021-11-12	CVE-2021-1903	Incorrect Authorization vulnerability in Qualcomm products Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-863	5.0
2021-11-12	CVE-2021-1981	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-125	6.4
2021-11-12	CVE-2021-1982	Reachable Assertion vulnerability in Qualcomm products Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-617	5.0
2021-11-12	CVE-2021-30263	Use After Free vulnerability in Qualcomm products Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music local qualcomm CWE-416	4.4
2021-11-12	CVE-2021-30264	Use After Free vulnerability in Qualcomm products Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-416	4.6
2021-11-12	CVE-2021-30265	Out-of-bounds Write vulnerability in Qualcomm products Possible memory corruption due to improper validation of memory address while processing user-space IOCTL for clearing Filter and Route statistics in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-787	4.6
2021-11-12	CVE-2021-30266	Use After Free vulnerability in Qualcomm products Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-416	4.6
2021-10-20	CVE-2021-1966	Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music local low complexity qualcomm CWE-120	4.6