Vulnerabilities > Qualcomm > Qca6595Au Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-20 CVE-2021-1932 Unspecified vulnerability in Qualcomm products
Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
8.4
2021-10-20 CVE-2021-1936 NULL Pointer Dereference vulnerability in Qualcomm products
Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
network
low complexity
qualcomm CWE-476
7.5
2021-10-20 CVE-2021-1949 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-190
8.4
2021-10-20 CVE-2021-1959 Out-of-bounds Write vulnerability in Qualcomm products
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-787
7.8
2021-10-20 CVE-2021-30288 Out-of-bounds Write vulnerability in Qualcomm products
Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-787
7.8
2021-10-20 CVE-2021-30305 Improper Input Validation vulnerability in Qualcomm products
Possible out of bound access due to lack of validation of page offset before page is inserted in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-20
7.8
2021-10-20 CVE-2021-30306 Out-of-bounds Read vulnerability in Qualcomm products
Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-125
7.1
2021-10-20 CVE-2021-30312 Improper Authentication vulnerability in Qualcomm products
Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-287
7.5
2021-10-20 CVE-2021-30315 Use After Free vulnerability in Qualcomm products
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto
local
low complexity
qualcomm CWE-416
7.8
2021-10-20 CVE-2021-30316 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Possible out of bound memory access due to improper boundary check while creating HSYNC fence in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-119
7.8