Vulnerabilities > Qualcomm > Smb1350 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-09 CVE-2020-11233 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
6.9
2021-06-09 CVE-2020-11262 Use After Free vulnerability in Qualcomm products
A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue.
4.4
2021-03-17 CVE-2020-11188 Out-of-bounds Read vulnerability in Qualcomm products
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
6.4
2021-01-21 CVE-2020-11119 Out-of-bounds Read vulnerability in Qualcomm products
Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
5.0