Vulnerabilities > Qualcomm > Wcn3680B Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-13 | CVE-2021-1897 | Out-of-bounds Read vulnerability in Qualcomm products Possible Buffer Over-read due to lack of validation of boundary checks when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 4.6 |
2021-07-13 | CVE-2021-1898 | Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 4.6 |
2021-07-13 | CVE-2021-1899 | Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 4.6 |
2021-07-13 | CVE-2021-1901 | Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over-read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 4.6 |
2021-06-09 | CVE-2020-11160 | Integer Overflow or Wraparound vulnerability in Qualcomm products Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 6.7 |
2021-05-07 | CVE-2020-11293 | Out-of-bounds Read vulnerability in Qualcomm products Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 6.0 |
2021-05-07 | CVE-2021-1906 | Improper Handling of Exceptional Conditions vulnerability in Qualcomm products Improper handling of address deregistration on failure can lead to new GPU address allocation failure. | 5.5 |
2021-04-07 | CVE-2020-11231 | Double Free vulnerability in Qualcomm products Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 6.7 |
2021-03-17 | CVE-2020-11305 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Integer overflow in boot due to improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | 6.8 |
2021-03-17 | CVE-2020-11221 | Information Exposure vulnerability in Qualcomm products Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 5.5 |