High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-11	CVE-2021-35074	Integer Overflow or Wraparound vulnerability in Qualcomm products Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-190	7.2
2022-02-11	CVE-2021-35075	NULL Pointer Dereference vulnerability in Qualcomm products Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-476	7.2
2022-02-11	CVE-2021-35077	Use After Free vulnerability in Qualcomm products Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-416	7.2
2022-01-13	CVE-2021-30308	Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-120	7.2
2022-01-13	CVE-2021-30311	Improper Validation of Array Index vulnerability in Qualcomm products Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-129	7.8
2022-01-13	CVE-2021-30319	Integer Overflow or Wraparound vulnerability in Qualcomm products Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music local low complexity qualcomm CWE-190	7.2
2022-01-03	CVE-2021-1894	Improper Handling of Exceptional Conditions vulnerability in Qualcomm products Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-755	7.2
2022-01-03	CVE-2021-30268	Classic Buffer Overflow vulnerability in Qualcomm products Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-120	7.2
2022-01-03	CVE-2021-30269	NULL Pointer Dereference vulnerability in Qualcomm products Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-476	7.2
2022-01-03	CVE-2021-30270	NULL Pointer Dereference vulnerability in Qualcomm products Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-476	7.2