Vulnerabilities > Qualcomm > Wcn6850 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-09 CVE-2021-1961 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-120
4.6
2021-09-09 CVE-2021-1963 Use After Free vulnerability in Qualcomm products
Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-416
4.6
2021-09-09 CVE-2021-1974 Out-of-bounds Read vulnerability in Qualcomm products
Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
5.0
2021-09-09 CVE-2021-30290 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
4.4
2021-09-09 CVE-2021-30294 NULL Pointer Dereference vulnerability in Qualcomm products
Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-476
4.9
2021-09-08 CVE-2020-11301 Improper Authentication vulnerability in Qualcomm products
Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-287
5.0
2021-09-08 CVE-2021-1914 Infinite Loop vulnerability in Qualcomm products
Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-835
5.0
2021-09-08 CVE-2021-1923 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT
local
low complexity
qualcomm CWE-704
4.6
2021-07-13 CVE-2021-1896 Cleartext Transmission of Sensitive Information vulnerability in Qualcomm products
Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity
low complexity
qualcomm CWE-319
4.3
2021-07-13 CVE-2021-1907 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
network
low complexity
qualcomm CWE-120
5.0