Vulnerabilities > Qualcomm > Wcn3990 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-07 CVE-2021-1905 Use After Free vulnerability in Qualcomm products
Possible use after free due to improper handling of memory mapping of multiple processes simultaneously.
local
low complexity
qualcomm CWE-416
7.8
2021-05-07 CVE-2021-1915 Classic Buffer Overflow vulnerability in Qualcomm products
Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-120
7.8
2021-05-07 CVE-2021-1925 Reachable Assertion vulnerability in Qualcomm products
Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-617
7.5
2021-05-07 CVE-2021-1927 Use After Free vulnerability in Qualcomm products
Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-416
7.8
2021-04-07 CVE-2021-1892 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-787
7.8
2021-04-07 CVE-2020-11255 Memory Leak vulnerability in Qualcomm products
Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of the memory is leaked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables
network
low complexity
qualcomm CWE-401
7.5
2021-04-07 CVE-2020-11246 Double Free vulnerability in Qualcomm products
A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-415
7.8
2021-04-07 CVE-2020-11245 Integer Overflow or Wraparound vulnerability in Qualcomm products
Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-190
7.8
2021-04-07 CVE-2020-11242 Unspecified vulnerability in Qualcomm products
User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm
7.8
2021-04-07 CVE-2020-11237 Improper Input Validation vulnerability in Qualcomm products
Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
local
low complexity
qualcomm CWE-20
7.8