Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-21	CVE-2020-11217	Double Free vulnerability in Qualcomm products A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-415	4.6
2021-01-21	CVE-2020-11215	Out-of-bounds Read vulnerability in Qualcomm products An out of bounds read can happen when processing VSA attribute due to improper minimum required length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-125	6.4
2021-01-21	CVE-2020-11214	Out-of-bounds Read vulnerability in Qualcomm products Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-125	5.0
2021-01-21	CVE-2020-11200	Out-of-bounds Read vulnerability in Qualcomm products Buffer over-read while parsing RPS due to lack of check of input validation on values received from user side. network low complexity qualcomm CWE-125	5.0
2021-01-21	CVE-2020-11179	Out-of-bounds Read vulnerability in Qualcomm products Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. local qualcomm CWE-125	6.9
2021-01-21	CVE-2020-11151	Use After Free vulnerability in Qualcomm products Race condition occurs while calling user space ioctl from two different threads can results to use after free issue in video in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local qualcomm CWE-416	6.9
2021-01-21	CVE-2020-11146	Improper Validation of Array Index vulnerability in Qualcomm products Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-129	4.6
2021-01-21	CVE-2020-11145	Divide By Zero vulnerability in Qualcomm products Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-369	5.0
2021-01-21	CVE-2020-11144	Out-of-bounds Read vulnerability in Qualcomm products Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-125	6.4