Vulnerabilities > Qualcomm > Wcd9360 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-08 | CVE-2021-1923 | Incorrect Type Conversion or Cast vulnerability in Qualcomm products Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT | 4.6 |
| 2021-07-13 | CVE-2021-1886 | Out-of-bounds Write vulnerability in Qualcomm products Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
| 2021-07-13 | CVE-2021-1888 | Double Free vulnerability in Qualcomm products Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
| 2021-07-13 | CVE-2021-1889 | Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | 7.2 |
| 2021-07-13 | CVE-2021-1890 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Improper length check of public exponent in RSA import key function could cause memory corruption. | 7.2 |
| 2021-07-13 | CVE-2021-1938 | Reachable Assertion vulnerability in Qualcomm products Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 5.0 |
| 2021-07-13 | CVE-2021-1953 | Reachable Assertion vulnerability in Qualcomm products Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 5.0 |
| 2021-07-13 | CVE-2021-1955 | Reachable Assertion vulnerability in Qualcomm products Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 5.0 |
| 2021-06-09 | CVE-2020-11176 | Out-of-bounds Write vulnerability in Qualcomm products While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile | 10.0 |
| 2021-06-09 | CVE-2020-11291 | Improper Validation of Array Index vulnerability in Qualcomm products Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile | 10.0 |