Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-09	CVE-2022-40518	Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer overread in Core local low complexity qualcomm CWE-125	5.5
2023-01-09	CVE-2022-40519	Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer overread in Core local low complexity qualcomm CWE-125	5.5
2022-12-13	CVE-2022-25675	Reachable Assertion vulnerability in Qualcomm products Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-617	5.5
2022-11-15	CVE-2022-25676	Out-of-bounds Read vulnerability in Qualcomm products Information disclosure in video due to buffer over-read while parsing avi files in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-125	5.5
2022-11-15	CVE-2022-25679	Unspecified vulnerability in Qualcomm products Denial of service in video due to improper access control in broadcast receivers in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm	5.5
2022-10-19	CVE-2022-25663	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer overflow due to lack of buffer length check during management frame Rx handling lead to denial of service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity local low complexity qualcomm CWE-125	5.5
2022-09-16	CVE-2022-25653	Out-of-bounds Read vulnerability in Qualcomm products Information disclosure in video due to buffer over-read while processing avi file in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-125	5.5
2022-09-02	CVE-2021-35097	Improper Verification of Cryptographic Signature vulnerability in Qualcomm products Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables low complexity qualcomm CWE-347	6.8
2022-09-02	CVE-2021-35135	NULL Pointer Dereference vulnerability in Qualcomm products A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-476	5.5
2022-06-14	CVE-2021-30339	Unspecified vulnerability in Qualcomm products Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm	5.5