Vulnerabilities > Qualcomm > Qca6234 Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-21461 Double Free vulnerability in Qualcomm products
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
local
low complexity
qualcomm CWE-415
7.8
2024-01-02 CVE-2023-33030 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in HLOS while running playready use-case.
local
low complexity
qualcomm CWE-787
7.8
2023-12-05 CVE-2023-28546 Classic Buffer Overflow vulnerability in Qualcomm products
Memory Corruption in SPS Application while exporting public key in sorter TA.
local
low complexity
qualcomm CWE-120
7.8
2023-12-05 CVE-2023-28586 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
local
low complexity
qualcomm CWE-119
6.5
2023-06-06 CVE-2022-22076 Unspecified vulnerability in Qualcomm products
information disclosure due to cryptographic issue in Core during RPMB read request.
local
low complexity
qualcomm
5.5
2021-11-12 CVE-2021-1924 Information Exposure Through Discrepancy vulnerability in Qualcomm products
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-203
2.1
2021-10-20 CVE-2020-11303 Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products
Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-668
5.0
2021-09-17 CVE-2021-30260 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-190
4.6
2021-09-09 CVE-2021-1909 Classic Buffer Overflow vulnerability in Qualcomm products
Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-120
7.2
2021-09-09 CVE-2021-1935 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
4.9