Vulnerabilities > Qualcomm > Qcs610 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-13 | CVE-2021-1970 | Out-of-bounds Read vulnerability in Qualcomm products Possible out of bound read due to lack of length check of FT sub-elements in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | 5.0 |
| 2021-06-09 | CVE-2020-11267 | Out-of-bounds Write vulnerability in Qualcomm products Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 4.6 |
| 2021-06-09 | CVE-2020-11298 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 6.9 |
| 2021-06-09 | CVE-2020-11306 | Integer Overflow or Wraparound vulnerability in Qualcomm products Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | 4.6 |
| 2021-06-09 | CVE-2021-1937 | Reachable Assertion vulnerability in Qualcomm products Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 5.0 |
| 2021-06-09 | CVE-2020-11160 | Integer Overflow or Wraparound vulnerability in Qualcomm products Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 4.6 |
| 2021-06-09 | CVE-2020-11250 | Use After Free vulnerability in Qualcomm products Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 6.9 |
| 2021-06-09 | CVE-2020-11262 | Use After Free vulnerability in Qualcomm products A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. | 4.4 |
| 2021-05-07 | CVE-2020-11295 | Use After Free vulnerability in Qualcomm products Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 4.6 |
| 2021-05-07 | CVE-2021-1891 | Use After Free vulnerability in Qualcomm products A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 4.6 |