Vulnerabilities > Qualcomm > Msm8953 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-07-13 CVE-2021-1943 Out-of-bounds Read vulnerability in Qualcomm products
Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
5.0
2021-07-13 CVE-2021-1945 Out-of-bounds Read vulnerability in Qualcomm products
Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
5.0
2021-07-13 CVE-2021-1954 Out-of-bounds Read vulnerability in Qualcomm products
Possible buffer over read due to improper validation of data pointer while parsing FILS indication IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
5.0
2021-07-13 CVE-2021-1955 Reachable Assertion vulnerability in Qualcomm products
Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-617
5.0
2021-07-13 CVE-2021-1964 Out-of-bounds Read vulnerability in Qualcomm products
Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
5.0
2021-07-13 CVE-2021-1970 Out-of-bounds Read vulnerability in Qualcomm products
Possible out of bound read due to lack of length check of FT sub-elements in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
network
low complexity
qualcomm CWE-125
5.0
2021-06-09 CVE-2020-11267 Out-of-bounds Write vulnerability in Qualcomm products
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-787
4.6
2021-06-09 CVE-2021-1900 Use After Free vulnerability in Qualcomm products
Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
4.4
2021-06-09 CVE-2020-11250 Use After Free vulnerability in Qualcomm products
Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
6.9
2021-06-09 CVE-2020-11262 Use After Free vulnerability in Qualcomm products
A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue.
4.4