Vulnerabilities > Qualcomm > Qcs603 Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-07 | CVE-2021-1895 | Integer Overflow or Wraparound vulnerability in Qualcomm products Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | 7.2 |
2021-05-07 | CVE-2021-1905 | Use After Free vulnerability in Qualcomm products Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. | 7.2 |
2021-05-07 | CVE-2021-1925 | Reachable Assertion vulnerability in Qualcomm products Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.8 |
2021-05-07 | CVE-2021-1927 | Use After Free vulnerability in Qualcomm products Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.2 |
2021-04-07 | CVE-2020-11255 | Memory Leak vulnerability in Qualcomm products Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of the memory is leaked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables | 7.8 |
2021-04-07 | CVE-2020-11234 | Use After Free vulnerability in Qualcomm products When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting in a Use After Free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
2021-03-17 | CVE-2020-11309 | Use After Free vulnerability in Qualcomm products Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
2021-03-17 | CVE-2020-11308 | Improper Validation of Array Index vulnerability in Qualcomm products Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size is more than required in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | 7.2 |
2021-03-17 | CVE-2020-11227 | Improper Validation of Array Index vulnerability in Qualcomm products Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.5 |
2021-02-22 | CVE-2020-11296 | Reachable Assertion vulnerability in Qualcomm products Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.5 |