Vulnerabilities > Qualcomm > Qca4024 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-06-09 CVE-2020-11259 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-119
8.8
2021-06-09 CVE-2020-11265 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure issue due to lack of validation of pointer arguments passed to TZ BSP in Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-125
5.5
2021-06-09 CVE-2020-11266 Unspecified vulnerability in Qualcomm products
Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
6.5
2021-05-07 CVE-2020-11289 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-119
7.8
2021-05-07 CVE-2021-1891 Use After Free vulnerability in Qualcomm products
A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-416
7.8
2021-05-07 CVE-2021-1895 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
local
low complexity
qualcomm CWE-190
7.8
2021-05-07 CVE-2021-1915 Classic Buffer Overflow vulnerability in Qualcomm products
Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-120
7.8
2021-05-07 CVE-2021-1925 Reachable Assertion vulnerability in Qualcomm products
Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-617
7.5
2021-05-07 CVE-2021-1927 Use After Free vulnerability in Qualcomm products
Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-416
7.8
2021-04-07 CVE-2020-11191 Out-of-bounds Read vulnerability in Qualcomm products
Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
critical
9.1