Vulnerabilities > Qualcomm > SD 8 Gen1 5G Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-16 CVE-2022-25656 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-190
7.8
2022-09-16 CVE-2022-25669 Out-of-bounds Read vulnerability in Qualcomm products
Denial of service in video due to buffer over read while parsing MP4 clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
7.5
2022-09-16 CVE-2022-25670 Out-of-bounds Read vulnerability in Qualcomm products
Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
7.5
2022-09-16 CVE-2022-25690 Improper Validation of Array Index vulnerability in Qualcomm products
Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
network
low complexity
qualcomm CWE-129
7.5
2022-09-16 CVE-2022-25693 Use After Free vulnerability in Qualcomm products
Memory corruption in graphics due to use-after-free while graphics profiling in Snapdragon Connectivity, Snapdragon Mobile
local
low complexity
qualcomm CWE-416
7.8
2022-09-16 CVE-2022-25696 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption in display due to time-of-check time-of-use race condition during map or unmap in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
high complexity
qualcomm CWE-367
7.0
2022-09-16 CVE-2022-25706 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
7.5
2022-09-02 CVE-2021-35134 Incorrect Calculation of Buffer Size vulnerability in Qualcomm products
Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-131
8.4
2022-09-02 CVE-2022-22059 Out-of-bounds Read vulnerability in Qualcomm products
Memory corruption due to out of bound read while parsing a video file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-125
7.8
2022-09-02 CVE-2022-22061 Unspecified vulnerability in Qualcomm products
Out of bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
local
low complexity
qualcomm
7.8