Vulnerabilities > Qualcomm > Wcd9375 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2021-35121 Improper Validation of Array Index vulnerability in Qualcomm products
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-129
6.7
2022-04-01 CVE-2021-30331 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-120
5.5
2022-02-11 CVE-2021-30324 Classic Buffer Overflow vulnerability in Qualcomm products
Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-120
6.7
2022-02-11 CVE-2021-30325 Improper Validation of Array Index vulnerability in Qualcomm products
Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-129
6.7
2022-01-13 CVE-2021-30313 Use After Free vulnerability in Qualcomm products
Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
high complexity
qualcomm CWE-416
6.4
2022-01-13 CVE-2021-30314 Information Exposure vulnerability in Qualcomm products
Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-200
5.5
2022-01-03 CVE-2021-1918 Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products
Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-668
6.5
2022-01-03 CVE-2021-30278 Improper Input Validation vulnerability in Qualcomm products
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-20
5.5
2022-01-03 CVE-2021-30283 Improper Handling of Exceptional Conditions vulnerability in Qualcomm products
Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-755
5.5
2022-01-03 CVE-2021-30348 Resource Exhaustion vulnerability in Qualcomm products
Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
low complexity
qualcomm CWE-400
6.5