Vulnerabilities > Qualcomm > Mdm9650 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-09 | CVE-2022-33285 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | 6.5 |
| 2023-01-09 | CVE-2022-33286 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | 6.5 |
| 2022-10-19 | CVE-2022-25664 | Incomplete Cleanup vulnerability in Qualcomm products Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 5.5 |
| 2022-10-19 | CVE-2022-25666 | Use After Free vulnerability in Qualcomm products Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 6.7 |
| 2022-09-16 | CVE-2022-25654 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 6.7 |
| 2022-09-02 | CVE-2021-35135 | NULL Pointer Dereference vulnerability in Qualcomm products A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 5.5 |
| 2022-06-14 | CVE-2021-30342 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | 5.9 |
| 2022-06-14 | CVE-2021-35092 | Improper Input Validation vulnerability in Qualcomm products Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | 6.7 |
| 2022-06-14 | CVE-2021-35098 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 6.7 |
| 2022-04-01 | CVE-2021-30331 | Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 5.5 |