High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-14	CVE-2021-35100	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-125	7.8
2022-06-14	CVE-2021-35102	Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile local low complexity qualcomm CWE-120	7.8
2022-06-14	CVE-2021-35111	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile network qualcomm CWE-367	7.1
2022-06-14	CVE-2021-35112	Incorrect Authorization vulnerability in Qualcomm products A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-863	7.2
2022-06-14	CVE-2021-35130	Use After Free vulnerability in Qualcomm products Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-416	7.2
2022-06-14	CVE-2022-22057	Race Condition vulnerability in Qualcomm products Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables local low complexity qualcomm CWE-362	7.8
2022-06-14	CVE-2022-22064	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-125	7.8
2022-06-14	CVE-2022-22065	Out-of-bounds Read vulnerability in Qualcomm products Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-125	7.8
2022-06-14	CVE-2022-22068	Use After Free vulnerability in Qualcomm products kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-416	7.2
2022-06-14	CVE-2022-22071	Use After Free vulnerability in Qualcomm products Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music local low complexity qualcomm CWE-416	7.2