Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-06	CVE-2022-22076	Unspecified vulnerability in Qualcomm products information disclosure due to cryptographic issue in Core during RPMB read request. local low complexity qualcomm	5.5
2023-06-06	CVE-2022-40523	Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products Information disclosure in Kernel due to indirect branch misprediction. local low complexity qualcomm CWE-668	5.5
2023-06-06	CVE-2022-40533	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request. local low complexity qualcomm CWE-119	5.5
2023-04-13	CVE-2022-33289	Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. low complexity qualcomm CWE-129	6.8
2022-04-01	CVE-2021-30331	Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-120	5.5
2022-02-11	CVE-2021-30324	Classic Buffer Overflow vulnerability in Qualcomm products Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-120	6.7
2022-02-11	CVE-2021-30325	Improper Validation of Array Index vulnerability in Qualcomm products Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-129	6.7
2022-01-13	CVE-2021-30313	Use After Free vulnerability in Qualcomm products Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local high complexity qualcomm CWE-416	6.4
2022-01-13	CVE-2021-30314	Information Exposure vulnerability in Qualcomm products Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-200	5.5
2022-01-03	CVE-2021-30278	Improper Input Validation vulnerability in Qualcomm products Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-20	5.5