Vulnerabilities > Qualcomm > Sm7250P Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-01-03 CVE-2021-30337 Use After Free vulnerability in Qualcomm products
Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-416
7.8
2022-01-03 CVE-2021-30348 Resource Exhaustion vulnerability in Qualcomm products
Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
low complexity
qualcomm CWE-400
6.5
2022-01-03 CVE-2021-30351 Classic Buffer Overflow vulnerability in Qualcomm products
An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-120
critical
9.8
2021-07-13 CVE-2020-11307 Improper Validation of Array Index vulnerability in Qualcomm products
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
network
low complexity
qualcomm CWE-129
critical
9.8
2021-07-13 CVE-2021-1886 Out-of-bounds Write vulnerability in Qualcomm products
Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-787
7.8
2021-07-13 CVE-2021-1888 Double Free vulnerability in Qualcomm products
Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-415
7.8
2021-07-13 CVE-2021-1889 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-120
7.8
2021-07-13 CVE-2021-1890 Out-of-bounds Write vulnerability in Qualcomm products
Improper length check of public exponent in RSA import key function could cause memory corruption.
local
low complexity
qualcomm CWE-787
7.8
2021-07-13 CVE-2021-1907 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
network
low complexity
qualcomm CWE-120
7.5
2021-07-13 CVE-2021-1931 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
local
low complexity
qualcomm CWE-120
6.7