Total
122 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-11240 | 1 Qualcomm | 686 Apq8009w, Apq8009w Firmware, Apq8017 and 683 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy of the user argument in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11252 | 1 Qualcomm | 620 Aqt1000, Aqt1000 Firmware, Ar8031 and 617 more | 2023-12-10 | 4.7 MEDIUM | 5.5 MEDIUM |
Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11160 | 1 Qualcomm | 290 Apq8096au, Apq8096au Firmware, Aqt1000 and 287 more | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-1927 | 1 Qualcomm | 914 Apq8009, Apq8009 Firmware, Apq8009w and 911 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11284 | 1 Qualcomm | 262 Aqt1000, Aqt1000 Firmware, Ar8035 and 259 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11250 | 1 Qualcomm | 720 Apq8009w, Apq8009w Firmware, Apq8017 and 717 more | 2023-12-10 | 6.9 MEDIUM | 7.0 HIGH |
Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11245 | 1 Qualcomm | 404 Aqt1000, Aqt1000 Firmware, Ar8035 and 401 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11253 | 1 Qualcomm | 346 Aqt1000, Aqt1000 Firmware, Pm3003a and 343 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2020-11146 | 1 Qualcomm | 314 Apq8076, Aqt1000, Ar8031 and 311 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11170 | 1 Qualcomm | 1010 Apq8009, Apq8009 Firmware, Apq8009w and 1007 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11166 | 1 Qualcomm | 816 Apq8009, Apq8009 Firmware, Apq8009w and 813 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11140 | 1 Qualcomm | 449 Apq8017, Apq8037, Apq8052 and 446 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11217 | 1 Qualcomm | 193 Pm3003a, Pm4125, Pm6125 and 190 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2020-11213 | 1 Qualcomm | 555 Apq8009, Apq8009w, Apq8016 and 552 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11167 | 1 Qualcomm | 286 Apq8009w, Apq8017, Apq8037 and 283 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11190 | 1 Qualcomm | 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11270 | 1 Qualcomm | 830 Aqt1000, Aqt1000 Firmware, Ar7420 and 827 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11149 | 1 Qualcomm | 293 Apq8053, Apq8096au, Aqt1000 and 290 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
Out of bound access due to usage of an out-of-range pointer offset in the camera driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11119 | 1 Qualcomm | 942 Apq8009, Apq8009 Firmware, Apq8017 and 939 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11283 | 1 Qualcomm | 379 Apq8009, Apq8009w, Apq8017 and 376 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |