High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-02	CVE-2021-35134	Incorrect Calculation of Buffer Size vulnerability in Qualcomm products Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-131	8.4
2022-09-02	CVE-2022-22069	Cleartext Storage of Sensitive Information vulnerability in Qualcomm products Devices with keyprotect off may store unencrypted keybox in RPMB and cause cryptographic issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-312	7.8
2022-06-14	CVE-2021-35090	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local high complexity qualcomm CWE-367	7.8
2022-06-14	CVE-2021-35094	Improper Authentication vulnerability in Qualcomm products Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-287	7.8
2021-11-12	CVE-2021-1921	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile local high complexity qualcomm CWE-367	7.0
2021-11-12	CVE-2021-1973	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-119	7.8
2021-11-12	CVE-2021-1979	Out-of-bounds Write vulnerability in Qualcomm products Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-787	7.8
2021-11-12	CVE-2021-1982	Reachable Assertion vulnerability in Qualcomm products Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-617	7.5
2021-11-12	CVE-2021-30255	Improper Validation of Array Index vulnerability in Qualcomm products Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-129	7.8
2021-11-12	CVE-2021-30259	Out-of-bounds Read vulnerability in Qualcomm products Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-125	7.8