Vulnerabilities > Qualcomm > Sd7C

DATE CVE VULNERABILITY TITLE RISK
2021-02-22 CVE-2020-11287 Information Exposure Through Discrepancy vulnerability in Qualcomm products
Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure.
network
low complexity
qualcomm CWE-203
7.5
2021-01-21 CVE-2020-11215 Out-of-bounds Read vulnerability in Qualcomm products
An out of bounds read can happen when processing VSA attribute due to improper minimum required length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
critical
9.1
2021-01-21 CVE-2020-11214 Out-of-bounds Read vulnerability in Qualcomm products
Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
7.5
2021-01-21 CVE-2020-11213 Out-of-bounds Read vulnerability in Qualcomm products
Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
critical
9.8
2021-01-21 CVE-2020-11212 Out-of-bounds Read vulnerability in Qualcomm products
Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
critical
9.8
2021-01-21 CVE-2020-11200 Out-of-bounds Read vulnerability in Qualcomm products
Buffer over-read while parsing RPS due to lack of check of input validation on values received from user side.
network
low complexity
qualcomm CWE-125
7.5
2021-01-21 CVE-2020-11179 Out-of-bounds Write vulnerability in Qualcomm products
Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition.
local
high complexity
qualcomm CWE-787
7.0