Wcn3910 Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-12	CVE-2021-1973	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-119	7.2
2021-11-12	CVE-2021-1975	Out-of-bounds Write vulnerability in Qualcomm products Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-787 critical	10.0
2021-11-12	CVE-2021-1979	Out-of-bounds Write vulnerability in Qualcomm products Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-787	7.2
2021-11-12	CVE-2021-1981	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-125	6.4
2021-11-12	CVE-2021-1982	Reachable Assertion vulnerability in Qualcomm products Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-617	5.0
2021-11-12	CVE-2021-30254	Improper Input Validation vulnerability in Qualcomm products Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-20	7.2
2021-11-12	CVE-2021-30255	Improper Validation of Array Index vulnerability in Qualcomm products Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-129	7.2
2021-11-12	CVE-2021-30259	Out-of-bounds Read vulnerability in Qualcomm products Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-125	7.2
2021-11-12	CVE-2021-30284	Information Exposure vulnerability in Qualcomm products Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-200	6.4
2021-10-20	CVE-2021-1913	Integer Overflow or Wraparound vulnerability in Qualcomm products Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-190	7.2