Vulnerabilities > Qualcomm > Sm7325P Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2021-35092 Improper Input Validation vulnerability in Qualcomm products
Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
local
low complexity
qualcomm CWE-20
6.7
2022-06-14 CVE-2021-35094 Improper Authentication vulnerability in Qualcomm products
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-287
7.8
2022-06-14 CVE-2021-35098 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-119
6.7
2022-06-14 CVE-2021-35100 Out-of-bounds Read vulnerability in Qualcomm products
Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
7.5
2022-06-14 CVE-2021-35104 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-120
critical
9.8
2022-06-14 CVE-2021-35112 Incorrect Authorization vulnerability in Qualcomm products
A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-863
7.8
2022-06-14 CVE-2021-35116 Improper Input Validation vulnerability in Qualcomm products
APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-20
7.1
2022-06-14 CVE-2021-35123 Unspecified vulnerability in Qualcomm products
Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT
low complexity
qualcomm
8.8
2022-06-14 CVE-2021-35126 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-129
7.8
2022-06-14 CVE-2021-35130 Use After Free vulnerability in Qualcomm products
Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-416
7.8