Vulnerabilities > Qualcomm > Qcs603 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-01-03 CVE-2021-30268 Classic Buffer Overflow vulnerability in Qualcomm products
Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-120
7.2
2022-01-03 CVE-2021-30269 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-476
7.2
2022-01-03 CVE-2021-30270 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-476
7.2
2022-01-03 CVE-2021-30271 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-476
7.2
2022-01-03 CVE-2021-30272 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-476
7.2
2022-01-03 CVE-2021-30282 Improper Validation of Array Index vulnerability in Qualcomm products
Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-129
7.2
2022-01-03 CVE-2021-30289 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-119
7.8
2022-01-03 CVE-2021-30293 Reachable Assertion vulnerability in Qualcomm products
Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
network
low complexity
qualcomm CWE-617
5.0
2022-01-03 CVE-2021-30303 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-120
7.2
2022-01-03 CVE-2021-30335 Reachable Assertion vulnerability in Qualcomm products
Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-617
7.2