Vulnerabilities > Qualcomm > Sm7325 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-06 | CVE-2022-22076 | Unspecified vulnerability in Qualcomm products information disclosure due to cryptographic issue in Core during RPMB read request. | 5.5 |
| 2023-06-06 | CVE-2022-40523 | Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products Information disclosure in Kernel due to indirect branch misprediction. | 5.5 |
| 2023-06-06 | CVE-2022-40533 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request. | 5.5 |
| 2023-04-13 | CVE-2022-33270 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message. | 5.9 |
| 2023-04-13 | CVE-2022-33289 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | 6.8 |
| 2021-11-12 | CVE-2021-1924 | Information Exposure Through Discrepancy vulnerability in Qualcomm products Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 5.5 |
| 2021-09-17 | CVE-2021-1939 | NULL Pointer Dereference vulnerability in Qualcomm products Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 5.5 |
| 2021-09-09 | CVE-2021-1935 | NULL Pointer Dereference vulnerability in Qualcomm products Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | 5.5 |
| 2021-09-09 | CVE-2021-1958 | Race Condition vulnerability in Qualcomm products A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables | 6.4 |
| 2021-09-09 | CVE-2021-1960 | Improper Input Validation vulnerability in Qualcomm products Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 6.5 |