Vulnerabilities > Qualcomm > Qca6584Au Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-04-01 CVE-2021-35088 Out-of-bounds Read vulnerability in Qualcomm products
Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
6.4
2022-04-01 CVE-2021-35103 Out-of-bounds Write vulnerability in Qualcomm products
Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-787
7.2
2022-04-01 CVE-2021-35105 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-704
7.2
2022-04-01 CVE-2021-35106 Out-of-bounds Read vulnerability in Qualcomm products
Possible out of bound read due to improper length calculation of WMI message.
local
low complexity
qualcomm CWE-125
7.2
2022-04-01 CVE-2021-35115 Use After Free vulnerability in Qualcomm products
Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile
local
low complexity
qualcomm CWE-416
4.6
2022-04-01 CVE-2021-35117 Out-of-bounds Read vulnerability in Qualcomm products
An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
network
low complexity
qualcomm CWE-125
critical
9.4
2022-02-11 CVE-2021-30318 Classic Buffer Overflow vulnerability in Qualcomm products
Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-120
4.6
2022-02-11 CVE-2021-30323 Classic Buffer Overflow vulnerability in Qualcomm products
Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-120
7.2
2022-02-11 CVE-2021-35069 Integer Overflow or Wraparound vulnerability in Qualcomm products
Improper validation of data length received from DMA buffer can lead to memory corruption.
local
low complexity
qualcomm CWE-190
7.2
2022-01-13 CVE-2021-30300 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-704
5.0