Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-09	CVE-2021-1962	Classic Buffer Overflow vulnerability in Qualcomm products Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-120	4.6
2021-09-09	CVE-2021-1963	Use After Free vulnerability in Qualcomm products Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-416	4.6
2021-09-09	CVE-2021-1974	Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-125	5.0
2021-09-09	CVE-2021-30290	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local qualcomm CWE-367	4.4
2021-09-09	CVE-2021-30294	NULL Pointer Dereference vulnerability in Qualcomm products Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile local low complexity qualcomm CWE-476	4.9
2021-09-08	CVE-2020-11301	Improper Authentication vulnerability in Qualcomm products Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-287	5.0
2021-09-08	CVE-2021-1914	Infinite Loop vulnerability in Qualcomm products Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables network low complexity qualcomm CWE-835	5.0
2021-09-08	CVE-2021-1923	Incorrect Type Conversion or Cast vulnerability in Qualcomm products Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT local low complexity qualcomm CWE-704	4.6
2021-07-13	CVE-2021-1896	Cleartext Transmission of Sensitive Information vulnerability in Qualcomm products Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity low complexity qualcomm CWE-319	4.3
2021-07-13	CVE-2021-1907	Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile network low complexity qualcomm CWE-120	5.0