Vulnerabilities > Qualcomm > Qca6310 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-02 CVE-2021-35097 Improper Verification of Cryptographic Signature vulnerability in Qualcomm products
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
low complexity
qualcomm CWE-347
6.8
2022-09-02 CVE-2021-35113 Improper Verification of Cryptographic Signature vulnerability in Qualcomm products
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
low complexity
qualcomm CWE-347
6.8
2022-09-02 CVE-2021-35135 NULL Pointer Dereference vulnerability in Qualcomm products
A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
5.5
2022-06-14 CVE-2021-35119 Out-of-bounds Read vulnerability in Qualcomm products
Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-125
5.5
2021-11-12 CVE-2021-1903 Incorrect Authorization vulnerability in Qualcomm products
Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-863
5.3
2021-11-12 CVE-2021-1924 Information Exposure Through Discrepancy vulnerability in Qualcomm products
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-203
5.5
2021-11-12 CVE-2021-30266 Use After Free vulnerability in Qualcomm products
Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-416
6.7
2021-09-17 CVE-2021-1939 NULL Pointer Dereference vulnerability in Qualcomm products
Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
5.5
2021-09-09 CVE-2021-1935 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
5.5
2021-09-09 CVE-2021-1960 Improper Input Validation vulnerability in Qualcomm products
Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
low complexity
qualcomm CWE-20
6.5