Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-19	CVE-2022-25664	Incomplete Cleanup vulnerability in Qualcomm products Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-459	5.5
2022-10-19	CVE-2022-25666	Use After Free vulnerability in Qualcomm products Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-416	6.7
2022-09-02	CVE-2021-35097	Improper Verification of Cryptographic Signature vulnerability in Qualcomm products Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables low complexity qualcomm CWE-347	6.8
2022-09-02	CVE-2021-35113	Improper Verification of Cryptographic Signature vulnerability in Qualcomm products Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables low complexity qualcomm CWE-347	6.8
2022-09-02	CVE-2021-35135	NULL Pointer Dereference vulnerability in Qualcomm products A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-476	5.5
2022-06-14	CVE-2021-35101	Reachable Assertion vulnerability in Qualcomm products Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile local low complexity qualcomm CWE-617	6.5
2022-06-14	CVE-2021-35119	Out-of-bounds Read vulnerability in Qualcomm products Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-125	5.5
2022-02-11	CVE-2021-30324	Classic Buffer Overflow vulnerability in Qualcomm products Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-120	6.7
2022-02-11	CVE-2021-30325	Improper Validation of Array Index vulnerability in Qualcomm products Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-129	6.7
2022-01-13	CVE-2021-30313	Use After Free vulnerability in Qualcomm products Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local high complexity qualcomm CWE-416	6.4