Vulnerabilities > Qualcomm > Sdm429W Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-13 | CVE-2021-1889 | Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
2021-07-13 | CVE-2021-1890 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Improper length check of public exponent in RSA import key function could cause memory corruption. | 7.2 |
2021-06-09 | CVE-2020-11292 | Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
2021-06-09 | CVE-2020-11239 | Use After Free vulnerability in Qualcomm products Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
2021-06-09 | CVE-2020-11240 | Incorrect Calculation of Buffer Size vulnerability in Qualcomm products Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy of the user argument in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
2021-06-09 | CVE-2020-11261 | Improper Input Validation vulnerability in Qualcomm products Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
2021-05-07 | CVE-2020-11289 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.2 |
2021-05-07 | CVE-2021-1895 | Integer Overflow or Wraparound vulnerability in Qualcomm products Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | 7.2 |
2021-05-07 | CVE-2021-1905 | Use After Free vulnerability in Qualcomm products Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. | 7.2 |
2021-05-07 | CVE-2021-1927 | Use After Free vulnerability in Qualcomm products Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.2 |