Vulnerabilities > Qualcomm > Csra6620 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-03 CVE-2021-30274 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-190
7.2
7.2
2022-01-03 CVE-2021-30275 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-190
7.2
7.2
2022-01-03 CVE-2021-30282 Improper Validation of Array Index vulnerability in Qualcomm products
Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-129
7.2
7.2
2022-01-03 CVE-2021-30303 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-120
7.2
7.2
2022-01-03 CVE-2021-30335 Reachable Assertion vulnerability in Qualcomm products
Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-617
7.2
7.2
2022-01-03 CVE-2021-30337 Use After Free vulnerability in Qualcomm products
Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-416
7.2
7.2
2022-01-03 CVE-2021-30351 Classic Buffer Overflow vulnerability in Qualcomm products
An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-120
7.5
7.5
2021-11-12 CVE-2021-30259 Out-of-bounds Read vulnerability in Qualcomm products
Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-125
7.2
7.2
2021-10-20 CVE-2021-1949 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-190
7.2
7.2
2021-10-20 CVE-2021-30288 Out-of-bounds Write vulnerability in Qualcomm products
Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-787
7.2
7.2