Vulnerabilities > Qualcomm > Msm8909W Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-04 CVE-2023-21629 Double Free vulnerability in Qualcomm products
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
low complexity
qualcomm CWE-415
6.8
2023-04-13 CVE-2022-33289 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
low complexity
qualcomm CWE-129
6.8
2023-03-10 CVE-2022-22075 Unspecified vulnerability in Qualcomm products
Information Disclosure in Graphics during GPU context switch.
local
low complexity
qualcomm
5.5
2023-01-09 CVE-2022-22079 Out-of-bounds Read vulnerability in Qualcomm products
Denial of service while processing fastboot flash command on mmc due to buffer over read
low complexity
qualcomm CWE-125
4.6
2022-06-14 CVE-2021-35116 Improper Input Validation vulnerability in Qualcomm products
APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-20
6.6
2022-04-01 CVE-2021-30333 Out-of-bounds Write vulnerability in Qualcomm products
Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-787
4.6
2022-02-11 CVE-2021-30318 Classic Buffer Overflow vulnerability in Qualcomm products
Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-120
4.6
2022-01-13 CVE-2021-30300 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-704
5.0
2022-01-13 CVE-2021-30330 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference due to improper validation of APE clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-476
5.0
2022-01-03 CVE-2021-30273 Reachable Assertion vulnerability in Qualcomm products
Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
network
low complexity
qualcomm CWE-617
5.0