High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-03	CVE-2021-30335	Reachable Assertion vulnerability in Qualcomm products Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-617	7.8
2022-01-03	CVE-2021-30336	Out-of-bounds Read vulnerability in Qualcomm products Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables local low complexity qualcomm CWE-125	7.8
2022-01-03	CVE-2021-30337	Use After Free vulnerability in Qualcomm products Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-416	7.8
2021-11-12	CVE-2021-1921	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile local high complexity qualcomm CWE-367	7.0
2021-11-12	CVE-2021-30259	Out-of-bounds Read vulnerability in Qualcomm products Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-125	7.8
2021-10-20	CVE-2020-11303	Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-668	8.6
2021-10-20	CVE-2021-1913	Integer Overflow or Wraparound vulnerability in Qualcomm products Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-190	8.4
2021-10-20	CVE-2021-1917	NULL Pointer Dereference vulnerability in Qualcomm products Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables local low complexity qualcomm CWE-476	8.4
2021-10-20	CVE-2021-1932	Unspecified vulnerability in Qualcomm products Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm	8.4
2021-10-20	CVE-2021-1936	NULL Pointer Dereference vulnerability in Qualcomm products Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables network low complexity qualcomm CWE-476	7.5