High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-07	CVE-2021-1895	Integer Overflow or Wraparound vulnerability in Qualcomm products Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music local low complexity qualcomm CWE-190	7.8
2021-05-07	CVE-2021-1905	Use After Free vulnerability in Qualcomm products Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. local low complexity qualcomm CWE-416	7.8
2021-05-07	CVE-2021-1915	Classic Buffer Overflow vulnerability in Qualcomm products Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-120	7.8
2021-05-07	CVE-2021-1925	Reachable Assertion vulnerability in Qualcomm products Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-617	7.5
2021-05-07	CVE-2021-1927	Use After Free vulnerability in Qualcomm products Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-416	7.8
2021-04-07	CVE-2020-11246	Double Free vulnerability in Qualcomm products A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-415	7.8
2021-03-17	CVE-2020-11309	Use After Free vulnerability in Qualcomm products Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-416	7.8
2021-03-17	CVE-2020-11290	Use After Free vulnerability in Qualcomm products Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local high complexity qualcomm CWE-416	7.0
2021-02-22	CVE-2020-11296	Reachable Assertion vulnerability in Qualcomm products Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-617	7.5
2021-02-22	CVE-2020-11281	Information Exposure vulnerability in Qualcomm products Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. network low complexity qualcomm CWE-200	7.5