Vulnerabilities > Qualcomm > Qfe1952 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-09-08 CVE-2021-1972 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-120
critical
9.8
2021-06-09 CVE-2020-11267 Out-of-bounds Write vulnerability in Qualcomm products
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-787
7.8
2021-06-09 CVE-2020-11235 Integer Overflow or Wraparound vulnerability in Qualcomm products
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-190
7.8
2021-06-09 CVE-2020-11256 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption due to lack of check of validation of pointer to buffer passed to trustzone in Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-119
8.8
2021-06-09 CVE-2020-11257 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption due to lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-119
8.8
2021-06-09 CVE-2020-11258 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-119
8.8
2021-06-09 CVE-2020-11259 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-119
8.8
2021-06-09 CVE-2020-11265 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure issue due to lack of validation of pointer arguments passed to TZ BSP in Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-125
5.5
2021-06-09 CVE-2020-11266 Unspecified vulnerability in Qualcomm products
Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
6.5
2021-02-22 CVE-2020-11296 Reachable Assertion vulnerability in Qualcomm products
Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-617
7.5