Vulnerabilities > Qualcomm > Qca8337 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2022-22068 Use After Free vulnerability in Qualcomm products
kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-416
7.8
2022-06-14 CVE-2022-22071 Use After Free vulnerability in Qualcomm products
Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
local
low complexity
qualcomm CWE-416
7.8
2022-04-01 CVE-2021-1942 Out-of-bounds Write vulnerability in Qualcomm products
Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-787
8.8
2022-04-01 CVE-2021-30328 Reachable Assertion vulnerability in Qualcomm products
Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
network
low complexity
qualcomm CWE-617
7.5
2022-04-01 CVE-2021-30329 Reachable Assertion vulnerability in Qualcomm products
Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
network
low complexity
qualcomm CWE-617
7.5
2022-04-01 CVE-2021-30332 Reachable Assertion vulnerability in Qualcomm products
Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
network
low complexity
qualcomm CWE-617
7.5
2022-04-01 CVE-2021-30333 Out-of-bounds Write vulnerability in Qualcomm products
Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-787
7.8
2022-04-01 CVE-2021-35103 Out-of-bounds Write vulnerability in Qualcomm products
Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-787
7.8
2022-04-01 CVE-2021-35105 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-704
7.8
2022-04-01 CVE-2021-35106 Out-of-bounds Read vulnerability in Qualcomm products
Possible out of bound read due to improper length calculation of WMI message.
local
low complexity
qualcomm CWE-125
7.8