Vulnerabilities > Qualcomm > Sa2150P Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-07 CVE-2020-11294 Improper Validation of Array Index vulnerability in Qualcomm products
Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-129
4.6
2021-05-07 CVE-2021-1891 Use After Free vulnerability in Qualcomm products
A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-416
4.6
2021-04-07 CVE-2020-11252 Out-of-bounds Read vulnerability in Qualcomm products
Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
4.7
2021-03-17 CVE-2020-11290 Use After Free vulnerability in Qualcomm products
Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
6.9
2021-03-17 CVE-2020-11226 Improper Validation of Array Index vulnerability in Qualcomm products
Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-129
5.0
2021-03-17 CVE-2020-11222 Out-of-bounds Read vulnerability in Qualcomm products
Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile
network
low complexity
qualcomm CWE-125
6.4
2021-03-17 CVE-2020-11218 Reachable Assertion vulnerability in Qualcomm products
Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
network
low complexity
qualcomm CWE-617
5.0
2021-03-17 CVE-2020-11190 Out-of-bounds Read vulnerability in Qualcomm products
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
6.4
2021-03-17 CVE-2020-11189 Out-of-bounds Read vulnerability in Qualcomm products
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
6.4
2021-03-17 CVE-2020-11188 Out-of-bounds Read vulnerability in Qualcomm products
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
6.4