Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-10	CVE-2022-22075	Unspecified vulnerability in Qualcomm products Information Disclosure in Graphics during GPU context switch. local low complexity qualcomm	5.5
2023-01-09	CVE-2022-33285	Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. low complexity qualcomm CWE-125	6.5
2023-01-09	CVE-2022-33286	Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. low complexity qualcomm CWE-125	6.5
2022-06-14	CVE-2021-30342	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables network high complexity qualcomm CWE-367	5.9
2022-01-03	CVE-2021-30348	Resource Exhaustion vulnerability in Qualcomm products Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music low complexity qualcomm CWE-400	6.5
2021-11-12	CVE-2021-1924	Information Exposure Through Discrepancy vulnerability in Qualcomm products Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-203	5.5
2021-09-09	CVE-2021-1935	NULL Pointer Dereference vulnerability in Qualcomm products Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-476	5.5
2021-09-08	CVE-2021-1904	Incorrect Comparison vulnerability in Qualcomm products Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-697	5.5
2021-05-07	CVE-2021-1906	Improper Handling of Exceptional Conditions vulnerability in Qualcomm products Improper handling of address deregistration on failure can lead to new GPU address allocation failure. local low complexity qualcomm CWE-755	5.5
2021-03-17	CVE-2020-11221	Information Exposure vulnerability in Qualcomm products Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-200	5.5