Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-09	CVE-2021-1963	Use After Free vulnerability in Qualcomm products Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-416	6.7
2021-09-08	CVE-2021-1904	Incorrect Comparison vulnerability in Qualcomm products Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-697	5.5
2021-09-08	CVE-2021-1928	Out-of-bounds Read vulnerability in Qualcomm products Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking low complexity qualcomm CWE-125	6.1
2021-09-08	CVE-2021-1929	Unspecified vulnerability in Qualcomm products Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm	5.5
2021-07-13	CVE-2021-1897	Out-of-bounds Read vulnerability in Qualcomm products Possible Buffer Over-read due to lack of validation of boundary checks when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables low complexity qualcomm CWE-125	4.6
2021-07-13	CVE-2021-1898	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables low complexity qualcomm CWE-125	4.6
2021-07-13	CVE-2021-1899	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables low complexity qualcomm CWE-125	4.6
2021-07-13	CVE-2021-1901	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over-read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables low complexity qualcomm CWE-125	4.6
2021-05-07	CVE-2021-1906	Improper Handling of Exceptional Conditions vulnerability in Qualcomm products Improper handling of address deregistration on failure can lead to new GPU address allocation failure. local low complexity qualcomm CWE-755	5.5
2021-03-17	CVE-2020-11221	Information Exposure vulnerability in Qualcomm products Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-200	5.5