Vulnerabilities > Qualcomm > Sa8540P Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-02 | CVE-2022-22100 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto | 7.8 |
| 2022-09-02 | CVE-2022-22104 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption in multimedia due to improper check on the messages received. | 7.8 |
| 2022-06-14 | CVE-2021-35090 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 6.9 |
| 2022-06-14 | CVE-2021-35094 | Improper Authentication vulnerability in Qualcomm products Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 7.2 |
| 2022-06-14 | CVE-2021-35101 | Reachable Assertion vulnerability in Qualcomm products Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile | 4.9 |
| 2022-06-14 | CVE-2021-35114 | Classic Buffer Overflow vulnerability in Qualcomm Sa8540P Firmware and Sa9000P Firmware Improper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto | 7.2 |
| 2022-06-14 | CVE-2022-22103 | Double Free vulnerability in Qualcomm Sa8540P Firmware and Sa9000P Firmware Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto | 7.2 |
| 2022-04-01 | CVE-2021-1950 | Improper Authentication vulnerability in Qualcomm products Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | 7.2 |
| 2022-04-01 | CVE-2021-35115 | Use After Free vulnerability in Qualcomm products Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile | 4.6 |
| 2022-01-03 | CVE-2021-1894 | Improper Handling of Exceptional Conditions vulnerability in Qualcomm products Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.2 |