Vulnerabilities > Qualcomm > Wsa8815 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-16 CVE-2022-25653 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in video due to buffer over-read while processing avi file in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-125
5.5
5.5
2022-09-16 CVE-2022-25654 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
local
low complexity
qualcomm CWE-787
6.7
6.7
2022-09-02 CVE-2021-35097 Improper Verification of Cryptographic Signature vulnerability in Qualcomm products
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
low complexity
qualcomm CWE-347
6.8
6.8
2022-09-02 CVE-2021-35113 Improper Verification of Cryptographic Signature vulnerability in Qualcomm products
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
low complexity
qualcomm CWE-347
6.8
6.8
2022-09-02 CVE-2021-35135 NULL Pointer Dereference vulnerability in Qualcomm products
A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-476
5.5
5.5
2022-06-14 CVE-2021-30339 Unspecified vulnerability in Qualcomm products
Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
5.5
5.5
2022-06-14 CVE-2021-30343 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
network
high complexity
qualcomm CWE-367
5.9
5.9
2022-06-14 CVE-2021-30345 Unspecified vulnerability in Qualcomm products
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
5.5
5.5
2022-06-14 CVE-2021-30346 Unspecified vulnerability in Qualcomm products
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm
5.5
5.5
2022-06-14 CVE-2021-35070 Information Exposure vulnerability in Qualcomm products
RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-200
5.5
5.5