Mdm9650 Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-20	CVE-2020-11303	Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-668	8.6
2021-10-20	CVE-2021-1949	Integer Overflow or Wraparound vulnerability in Qualcomm products Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-190	8.4
2021-10-20	CVE-2021-1959	Out-of-bounds Write vulnerability in Qualcomm products Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-787	7.8
2021-10-20	CVE-2021-1977	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music network low complexity qualcomm CWE-125 critical	9.1
2021-10-20	CVE-2021-1980	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-125 critical	9.1
2021-10-20	CVE-2021-30310	Improper Input Validation vulnerability in Qualcomm products Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music network low complexity qualcomm CWE-20	7.5
2021-09-17	CVE-2021-1976	Use After Free vulnerability in Qualcomm products A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-416 critical	9.8
2021-09-17	CVE-2021-30260	Integer Overflow or Wraparound vulnerability in Qualcomm products Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-190	7.8
2021-09-17	CVE-2021-30261	Improper Input Validation vulnerability in Qualcomm products Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-20	7.8
2021-09-09	CVE-2021-1909	Classic Buffer Overflow vulnerability in Qualcomm products Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-120	7.8