Vulnerabilities > Qualcomm > Sa6155P Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-11 CVE-2021-35068 NULL Pointer Dereference vulnerability in Qualcomm products
Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-476
7.5
2022-02-11 CVE-2021-35069 Integer Overflow or Wraparound vulnerability in Qualcomm products
Improper validation of data length received from DMA buffer can lead to memory corruption.
local
low complexity
qualcomm CWE-190
7.2
2022-02-11 CVE-2021-35074 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-190
7.2
2022-02-11 CVE-2021-35075 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-476
7.2
2022-02-11 CVE-2021-35077 Use After Free vulnerability in Qualcomm products
Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-416
7.2
2022-01-13 CVE-2021-30319 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
local
low complexity
qualcomm CWE-190
7.2
2022-01-03 CVE-2021-1894 Improper Handling of Exceptional Conditions vulnerability in Qualcomm products
Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-755
7.2
2022-01-03 CVE-2021-30262 Use After Free vulnerability in Qualcomm products
Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-416
7.8
2022-01-03 CVE-2021-30269 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-476
7.2
2022-01-03 CVE-2021-30270 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-476
7.2