Vulnerabilities > Qualcomm > Qcm6490 Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-14 | CVE-2021-35116 | Improper Input Validation vulnerability in Qualcomm products APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 7.1 |
2022-06-14 | CVE-2021-35118 | Out-of-bounds Write vulnerability in Qualcomm products An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 6.7 |
2022-06-14 | CVE-2021-35119 | Out-of-bounds Read vulnerability in Qualcomm products Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 5.5 |
2022-06-14 | CVE-2021-35120 | Use After Free vulnerability in Qualcomm products Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 6.7 |
2022-06-14 | CVE-2021-35126 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 7.8 |
2022-06-14 | CVE-2021-35129 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | 7.8 |
2022-06-14 | CVE-2021-35130 | Use After Free vulnerability in Qualcomm products Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 7.8 |
2022-06-14 | CVE-2022-22057 | Race Condition vulnerability in Qualcomm products Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 7.8 |
2022-06-14 | CVE-2022-22065 | Out-of-bounds Read vulnerability in Qualcomm products Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.5 |
2022-06-14 | CVE-2022-22071 | Use After Free vulnerability in Qualcomm products Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | 7.8 |