Vulnerabilities > Qualcomm > Sdx12 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-09 | CVE-2022-33285 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | 6.5 |
| 2023-01-09 | CVE-2022-33286 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | 6.5 |
| 2022-09-02 | CVE-2021-35133 | Use After Free vulnerability in Qualcomm products Use after free in the synx driver issue while performing other functions during multiple invocation of synx release calls in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 6.7 |
| 2022-06-14 | CVE-2021-30342 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | 5.9 |
| 2022-06-14 | CVE-2021-35092 | Improper Input Validation vulnerability in Qualcomm products Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | 6.7 |
| 2022-06-14 | CVE-2021-35098 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 6.7 |
| 2022-01-13 | CVE-2021-30313 | Use After Free vulnerability in Qualcomm products Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 6.4 |
| 2021-11-12 | CVE-2021-1924 | Information Exposure Through Discrepancy vulnerability in Qualcomm products Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 5.5 |
| 2021-09-09 | CVE-2021-1961 | Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 6.7 |
| 2021-09-09 | CVE-2021-1963 | Use After Free vulnerability in Qualcomm products Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 6.7 |