Vulnerabilities > Qualcomm > Wcn3990 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-15 CVE-2022-25676 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in video due to buffer over-read while parsing avi files in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-125
5.5
5.5
2022-10-19 CVE-2022-22078 Integer Overflow or Wraparound vulnerability in Qualcomm products
Denial of service in BOOT when partition size for a particular partition is requested due to integer overflow when blocks are calculated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
low complexity
qualcomm CWE-190
4.6
4.6
2022-10-19 CVE-2022-25663 Out-of-bounds Read vulnerability in Qualcomm products
Possible buffer overflow due to lack of buffer length check during management frame Rx handling lead to denial of service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
local
low complexity
qualcomm CWE-125
5.5
5.5
2022-10-19 CVE-2022-25664 Incomplete Cleanup vulnerability in Qualcomm products
Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-459
5.5
5.5
2022-10-19 CVE-2022-25666 Use After Free vulnerability in Qualcomm products
Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-416
6.7
6.7
2022-09-16 CVE-2022-25653 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in video due to buffer over-read while processing avi file in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-125
5.5
5.5
2022-09-16 CVE-2022-25654 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
local
low complexity
qualcomm CWE-787
6.7
6.7
2022-09-02 CVE-2021-35097 Improper Verification of Cryptographic Signature vulnerability in Qualcomm products
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
low complexity
qualcomm CWE-347
6.8
6.8
2022-09-02 CVE-2021-35113 Improper Verification of Cryptographic Signature vulnerability in Qualcomm products
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
low complexity
qualcomm CWE-347
6.8
6.8
2022-09-02 CVE-2021-35135 NULL Pointer Dereference vulnerability in Qualcomm products
A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
5.5
5.5