Msm8996Au Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-08	CVE-2021-1929	Unspecified vulnerability in Qualcomm products Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm	2.1
2021-09-08	CVE-2021-1972	Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-120 critical	10.0
2021-07-13	CVE-2020-11307	Improper Validation of Array Index vulnerability in Qualcomm products Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables network low complexity qualcomm CWE-129 critical	10.0
2021-07-13	CVE-2021-1886	Out-of-bounds Write vulnerability in Qualcomm products Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-787	7.2
2021-07-13	CVE-2021-1888	Double Free vulnerability in Qualcomm products Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-415	7.2
2021-07-13	CVE-2021-1889	Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-120	7.2
2021-07-13	CVE-2021-1890	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Improper length check of public exponent in RSA import key function could cause memory corruption. local low complexity qualcomm CWE-119	7.2
2021-07-13	CVE-2021-1945	Out-of-bounds Read vulnerability in Qualcomm products Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-125	5.0
2021-07-13	CVE-2021-1955	Reachable Assertion vulnerability in Qualcomm products Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-617	5.0
2021-06-09	CVE-2020-11267	Out-of-bounds Write vulnerability in Qualcomm products Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-787	4.6