High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-14	CVE-2021-35112	Incorrect Authorization vulnerability in Qualcomm products A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-863	7.8
2022-06-14	CVE-2021-35123	Unspecified vulnerability in Qualcomm products Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT low complexity qualcomm	8.8
2022-06-14	CVE-2021-35130	Use After Free vulnerability in Qualcomm products Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-416	7.8
2022-04-01	CVE-2021-1942	Out-of-bounds Write vulnerability in Qualcomm products Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-787	8.8
2022-04-01	CVE-2021-1950	Improper Authentication vulnerability in Qualcomm products Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-287	7.8
2022-04-01	CVE-2021-30328	Reachable Assertion vulnerability in Qualcomm products Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-617	7.5
2022-04-01	CVE-2021-30329	Reachable Assertion vulnerability in Qualcomm products Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-617	7.5
2022-04-01	CVE-2021-30332	Reachable Assertion vulnerability in Qualcomm products Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-617	7.5
2022-04-01	CVE-2021-30333	Out-of-bounds Write vulnerability in Qualcomm products Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-787	7.8
2022-04-01	CVE-2021-35103	Out-of-bounds Write vulnerability in Qualcomm products Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-787	7.8