Sdx55 Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-02	CVE-2021-35132	Improper Validation of Specified Quantity in Input vulnerability in Qualcomm products Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-1284	7.8
2022-09-02	CVE-2022-22070	Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-787	7.8
2022-09-02	CVE-2022-22080	Out-of-bounds Write vulnerability in Qualcomm products Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music local low complexity qualcomm CWE-787	7.8
2022-06-14	CVE-2021-30281	Unspecified vulnerability in Qualcomm products Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm	7.2
2022-06-14	CVE-2021-30327	Classic Buffer Overflow vulnerability in Qualcomm products Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music local low complexity qualcomm CWE-120	7.2
2022-06-14	CVE-2021-30334	Use After Free vulnerability in Qualcomm products Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-416	7.2
2022-06-14	CVE-2021-30340	Reachable Assertion vulnerability in Qualcomm products Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-617	7.8
2022-06-14	CVE-2021-30341	Out-of-bounds Write vulnerability in Qualcomm products Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables network low complexity qualcomm CWE-787 critical	10.0
2022-06-14	CVE-2021-30343	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile network qualcomm CWE-367	7.1
2022-06-14	CVE-2021-30344	Unspecified vulnerability in Qualcomm products Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm	7.5