Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-1967

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-20 Oct, 2021 | 06:31
Updated At-03 Aug, 2024 | 16:25
Rejected At-
Credits

Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN Match event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:20 Oct, 2021 | 06:31
Updated At:03 Aug, 2024 | 16:25
Rejected At:
â–¼CVE Numbering Authority (CNA)

Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN Match event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Versions
Affected
  • APQ8009, APQ8053, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, MDM9206, MDM9628, QCA6174A, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8337, QCA9367, QCA9377, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS605, QCS610, QCS6125, QRB5165, Qualcomm215, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD 8C, SD 8CX, SD205, SD210, SD460, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD820, SD855, SD865 5G, SD870, SD888 5G, SDA429W, SDX55, SDX55M, SDXR2 5G, SM6250, SM7250P, SM7325P, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
Problem Types
TypeCWE IDDescription
textN/AStack-based Buffer Overflow in WLAN
Type: text
CWE ID: N/A
Description: Stack-based Buffer Overflow in WLAN
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:20 Oct, 2021 | 07:15
Updated At:26 Oct, 2021 | 18:03

Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN Match event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.3MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8009>>-
cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8009_firmware>>-
cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000>>-
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000_firmware>>-
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8031>>-
cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8031_firmware>>-
cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035>>-
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035_firmware>>-
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6620>>-
cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6620_firmware>>-
cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6640>>-
cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6640_firmware>>-
cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206>>-
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206_firmware>>-
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9628_firmware>>-
cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9628>>-
cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6174a_firmware>>-
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6174a>>-
cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6390_firmware>>-
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6390>>-
cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391_firmware>>-
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391>>-
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420_firmware>>-
cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420>>-
cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6421_firmware>>-
cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6421>>-
cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6426_firmware>>-
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6426>>-
cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6430_firmware>>-
cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6430>>-
cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6431_firmware>>-
cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6431>>-
cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6436_firmware>>-
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6436>>-
cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6564a_firmware>>-
cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6564a>>-
cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6564au_firmware>>-
cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6564au>>-
cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574_firmware>>-
cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574>>-
cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574a>>-
cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574a_firmware>>-
cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574au_firmware>>-
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574au>>-
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6595_firmware>>-
cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6595>>-
cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6595au_firmware>>-
cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6595au>>-
cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletinproduct-security@qualcomm.com
Patch
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin
Source: product-security@qualcomm.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1041Records found
CVE-2017-11026
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.48%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing FRP partition using reference FRP unlock, authentication method can be compromised for static keys.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2017-11072
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-16 Jan, 2018 | 16:00
Updated-17 Sep, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while calculating CRC for GPT header fields with partition entries greater than 16384 buffer overflow occurs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11030
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the HDMI video driver function hdmi_edid_sysfs_rda_res_info(), userspace can perform an arbitrary write into kernel memory.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11075
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.81%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 17:00
Updated-16 Sep, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if cmd_pkt and reg_pkt are called from different userspace threads, a use after free condition can potentially occur in wdsp_glink_write().

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2017-11016
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when memory allocation fails while creating a calibration block in create_cal_block stale pointers are left uncleared.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-11018
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, array access out of bounds may occur in the camera driver in the kernel

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11017
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.51%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a specially crafted UBI image, it is possible to corrupt memory, or access uninitialized memory.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11032
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in the service-locator driver function service_locator_send_msg().

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-415
Double Free
CVE-2017-11038
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the boot image header, range checks can be bypassed by supplying different versions of the header at the time of check and use.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CVE-2017-11029
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer which can lead to kernel buffer overflow.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11091
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.81%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function mdss_rotator_ioctl in the driver /dev/mdss_rotator, a Use-After-Free condition can potentially occur due to a fence being installed too early.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2017-11003
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-11080
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 4294967296.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11042
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 3.08%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, ImsService and the IQtiImsExt AIDL APIs are not subject to access control.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-862
Missing Authorization
CVE-2017-11085
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffer overflow due to improper bound checking in msm_audio_effects_virtualizer_handler, file msm-audio-effects-q6-v2.c

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14076
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.86%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaremdm9150_firmwaresdm845sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150sm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwaresda845_firmwaresa415mapq8098mdm9205mdm9206_firmwareqcs605mdm9650_firmwaremsm8905_firmwaresxr1130_firmwaresdx55_firmwaresxr1130apq8009msm8909_firmwaresda845nicobarsdm850_firmwareapq8098_firmwaremsm8998_firmwaremdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710sc7180_firmwaremdm9607sdm710_firmwaremdm9150msm8905sm8150_firmwaremsm8909sxr2130_firmwareqcs405_firmwarerennellsc7180mdm9205_firmwarerennell_firmwaresdx55sm6150_firmwaresm8250msm8998sm8150sdm850kamortanicobar_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-15848
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.27%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-16 Sep, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the fastrpc kernel driver, a buffer overflow vulnerability from userspace may potentially exist.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-15845
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.27%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-11035
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and "csr_roam_issue_ft_preauth_req" due to incorrect initialization of WEXT callbacks and lack of the checks for buffer size.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-11081
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-17 Sep, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can hold maximum 32 bytes but data more than 32 bytes can get copied.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14888
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-07 Dec, 2018 | 14:00
Updated-05 Aug, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Userspace can pass IEs to the host driver and if multiple append commands are received, then the integer variable that stores the length can overflow and the subsequent copy of the IE data may potentially lead to a heap buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5823
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 17:00
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, improper buffer length validation in extscan hotlist event can lead to potential buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-10620
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.02%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU, QCN7605, SDM439, SDX24, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8096au_firmwaremsm8996ausdx24_firmwaresm8150sm8150_firmwareapq8096ausdm439_firmwaremsm8996au_firmwareapq8098_firmwareapq8098qcn7605qcn7605_firmwaresdx24sdm439Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-14896
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver which can result in an undersize buffer allocation. Ultimately this can result in a kernel memory overwrite.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11047
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a graphics driver ioctl handler, the lack of copy_from_user() function calls may result in writes to kernel memory.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11019
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the fd allocated during the get_metadata was not closed even though the buffer allocated to the fd was freed. This resulted in a failure during exit sequence.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2001-1487
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.20% / 41.62%
||
7 Day CHG+0.09%
Published-21 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-qpoppern/a
CVE-2018-5899
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.51%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, whenever TDLS connection is setup, we are freeing the netbuf in ol_tx_completion_handler and after that, we are accessing it in NBUF_UPDATE_TX_PKT_COUNT causing a use after free.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2021-1962
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.44%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwaremdm9150_firmwaresd678qca9561sa6150p_firmwaresa8145p_firmwareqcs610fsm10056ar9380qca9563_firmwareqca9561_firmwarefsm10055_firmwareqca9880_firmwareqca9992wcn3950_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareipq8069_firmwaresa6155sd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6584au_firmwarewcn3990_firmwareqca9984_firmwarewcn3998wcn3950wcd9326_firmwaresd720gwcn3615_firmwareqca9563wcn3660bqca9982sa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6584ausa6155p_firmwareipq8065qca9990sa8155_firmwareipq8068wcn3988_firmwareqca6430sa6145p_firmwaresd205sm6250wcd9340sa8195pwsa8810_firmwarequalcomm215_firmwarefsm10056_firmwarewcd9326wcd9335sa6155pqca9982_firmwareqca9888_firmwarewcd9341ipq8068_firmwareqca6696_firmwareqca9898_firmwarewcd9375aqt1000sa8150psm6250_firmwaresda429wsd210qca9992_firmwaresd855_firmwarewcn3620_firmwarewcn3988wsa8815_firmwarewcn3620sa8195p_firmwareqca9898wcn3610qca9882wcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675qca9980_firmwareqca6595ar9380_firmwaresdx55m_firmwareqca9558qca9558_firmwareqca9896_firmwareipq8065_firmwareqca6574sd665_firmwarewcd9380qualcomm215qcs410qca6574asdx50m_firmwareqca9889qca9888qca6430_firmwareqca9994_firmwarewcd9335_firmwarewcn3980qca6574_firmwareqca9886qcs605sd855wcd9340_firmwarewsa8815sd665qca9887wcn3660b_firmwarewcn3680qca6574a_firmwareqca9984ipq8064ipq8069wcn3980_firmwaresd730qca6391sdx55mipq8064_firmwareaqt1000_firmwaresd678_firmwarewcn3680_firmwaresdx50mqca9882_firmwareqca9994qca9887_firmwareqca9531qca6574auqca9889_firmwaresa8155p_firmwareqca9980sd205_firmwareqca9880wcd9341_firmwarewsa8810sd210_firmwareqcs610_firmwaremdm9150sa6145pqca9886_firmwareqca6595_firmwaresa8145pqca6696qca6391_firmwarewcd9370_firmwaresa6150psdx55sa8155psd675qca9990_firmwareqca9531_firmwaresd720g_firmwareqcs410_firmwareqca9896Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35092
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:51
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830qcs610qca8337wcd9360_firmwaremdm9650sdx65csra6620wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377wcn3998wcd9385_firmwarewcn3950wcd9326_firmwarewcn3615_firmwaresd_8_gen1_5g_firmwarewcn3660bsd662sd460_firmwarewcn7850qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaresm7250p_firmwarewcn3615wcn3998_firmwareqca6420apq8053_firmwarewcd9360qrb5165nsd680_firmwaresd778gwcn7851qrb5165_firmwareqrb5165m_firmwaresd662_firmwareqcs405qca6430wcn3988_firmwaresd778g_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwaresd680wcd9326wcd9335wcn6851qca8081wcn7851_firmwareqca6174a_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375msm8953_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd780gsd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835wcd9380sd888_5gqualcomm215qcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325pqca6430_firmwarewcd9335_firmwarewcn3980wcn6750qcs605sd855wsa8815sm7325p_firmwarewcn6850mdm9650_firmwaresd765wcn3660b_firmwarewcn3680qca6574a_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresd460qca6391sdx55maqt1000_firmwarewcn6740_firmwaremsm8953sdx65_firmwarear8031_firmwarewcn3680_firmwareqrb5165sd480_firmwarewcn6851_firmwareqca6574auwcd9341_firmwaresd480sd870wsa8810wcn6855qcs610_firmwaremdm9150wcn6856wcn3680bsd695_firmwaresd768gapq8096auar8031qcs405_firmwarewcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55apq8053apq8096au_firmwarecsra6640sm7250psdx12qcs410_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-20
Improper Input Validation
CVE-2021-35098
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.70%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:51
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830mdm9640_firmwareqcs610mdm9650csra6620qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareqca6426wcn3990_firmwareqrb5165n_firmwareqca9377wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwarewcn3615_firmwarewcn3660bsd662sd460_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwaresdx12_firmwarewcn3615wcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwareapq8053_firmwareqrb5165nsd680_firmwaresd778gsa515m_firmwaresd429qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqcs6125sd662_firmwareqcs405qca6430wcn3988_firmwaresd429_firmwaresd778g_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436sd680wcd9326wcd9335wcn6851qcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000msm8953_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwarewcn6750_firmwareqcm6125_firmwaremdm9640wcn3991wcd9380_firmwarewcn3990sdm429wsd780gsd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835sdm429w_firmwarewcd9380sd888_5gqualcomm215qcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325pqca6430_firmwarewcd9335_firmwarewcn3980wcn6750sa515mqcs605sd855wsa8815sm7325p_firmwarewcn6850mdm9650_firmwaresd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresd460qca6391sdx55maqt1000_firmwarewcn6740_firmwaremsm8953ar8031_firmwareqcm4290wcn3680_firmwareqrb5165sd480_firmwareqcs603wcn6851_firmwareqca6574auwcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwaremdm9150wcn6856wcn3680bsd695_firmwaresd768gapq8096auar8031qcs405_firmwarewcn6740qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55apq8053apq8096au_firmwarecsra6640sm7250psdx12qcs410_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-35121
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2290_firmwarewcn3991_firmwarewcn3991wsa8830wcd9380_firmwareqcs2290_firmwaresd865_5gsdx55m_firmwarewsa8835qcs4290wcn3950_firmwarewcd9380sd765g_firmwareqcs2290qca6390_firmwaresd690_5gwcd9370sd690_5g_firmwareqca6426qrb5165n_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwarewcn3615_firmwarewsa8815wcn6850sd662wcn3910sd460_firmwaresd765qca6426_firmwarewcn3680b_firmwaresd768g_firmwarewcd9375_firmwarewcn3615wcn3998_firmwareqrb5165msm7250p_firmwaresd460qca6391sdx55mapq8053_firmwareqca6436_firmwareqrb5165nsd680_firmwaremsm8953qcm4290qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqrb5165wcn6851_firmwaresd662_firmwarewcn3988_firmwarewsa8810_firmwaresd765gqcm4290_firmwaresd765_firmwaresd870qca6436sd680wcd9326wcn6851wsa8810wcn3680bqcs4290_firmwarewcd9385sd768gsd750gsd870_firmwareqca6391_firmwareqca6390wcd9375sd750g_firmwarewcn3910_firmwarewcd9370_firmwaremsm8953_firmwareapq8053wsa8830_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcm2290Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-35120
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaremdm9150_firmwarewsa8830qcs610qcs2290_firmwareqca8337sdx65csra6620qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareqca6426wcn3990_firmwareqrb5165n_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125wcd9326_firmwarewcn3615_firmwaresd_8_gen1_5g_firmwarewcn3660bsd662sd460_firmwaresa8155wcn7850qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615sm7250p_firmwarewcn3998_firmwarewcn3999_firmwareqca6420qca6436_firmwareapq8053_firmwareqrb5165nsm7450_firmwaresd680_firmwaresa6155p_firmwarewcn3999sa515m_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwaresd429sdxr2_5gqcs6125wcn7851sa8155_firmwaresd662_firmwareqcs405qca6430wcn3988_firmwaresd429_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436sd680wcd9326sa6155pwcd9335wcn6851qcs603_firmwarewcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qcs6490_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwareaqt1000wcd9375wcn3910_firmwaremsm8953_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwareqcm6490sd888_5g_firmwarewcn3988wcn3620wcn6850_firmwarewcn7850_firmwarewsa8815_firmwaresm7450wsa8835_firmwaresm8475wcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sdm429wsd780gsd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835qca6574sdm429w_firmwarewcd9380sd888_5gqualcomm215qcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcn6750sa515mqca6574_firmwareqcs605sd855sm4125_firmwarewcn6850wsa8815wcn3910sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwareqrb5165mwcn3980_firmwaresd460qca6391sdx55msm8475_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sdx65_firmwarear8031_firmwareqcm4290qcm6490_firmwarewcn3680_firmwarewsa8832_firmwareqrb5165sd480_firmwareqcs603wcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810wsa8832qcs610_firmwaremdm9150wcn6856wcn3680bsd768gar8031qcs405_firmwarewcn6740qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55apq8053sa8155pcsra6640sm7250pqcs410_firmwaresm8475p_firmwarear8035_firmwareqcm2290sm8475pSnapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2021-35115
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.46%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar6003_firmwareqca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareqca6564ausdx55m_firmwaremdm9215mdm9615mqca6574ausa6145p_firmwaremdm8215m_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwarewcd9341_firmwaresa6155psa8540pmdm8215mdm9310_firmwareqca6574asa6145pmdm8615m_firmwarewcd9341mdm8615mqca6584au_firmwareapq8096auqca6564aqca6696_firmwaresa8145pqca6696mdm9615mdm8215_firmwaremdm9615m_firmwaresa9000psa8150psa6150psdx55apq8096au_firmwaresa8155pmdm9615_firmwaremdm9215_firmwaresa9000p_firmwaremdm8215mqca6574a_firmwareqca6574au_firmwaresa8195p_firmwaresdx55_firmwarear6003sdx55mmdm9310Snapdragon Auto, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2017-9723
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 21:00
Updated-16 Sep, 2024 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-05, the size of a stack-allocated buffer can be set to a value which exceeds the size of the stack.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-30262
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.02%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:25
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs610sm6250p_firmwarewsa8830fsm10056qca8337csrb31024csra6620fsm10055_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9377sa415mwcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gqsw8573_firmwarewcn3660bsd662sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwaremsm8909wsm7250p_firmwareapq8009w_firmwarewcn3610_firmwareqca6436_firmwarewcn3999_firmwareqrb5165nqca6564au_firmwaresa6155p_firmwaresm6225wcn3999sd429qrb5165_firmwaresdxr2_5gsa8155_firmwaresd662_firmwaresa415m_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresd205sd429_firmwaresm6250wcd9340sa8195pwsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qcs603_firmwareqca6174a_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000sa8150pwcd9375sm6250_firmwarewsa8830_firmwaresda429wsd210sd855_firmwaresd660sd865_5g_firmwarewcn3620_firmwarewcn3988wcn6850_firmwarewsa8815_firmwaresd660_firmwarewcn3620wsa8835_firmwaresa8195p_firmwareqca6564awcn3610mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3990sd_675sdm429wsd865_5gqca6564ausdx24sdx55m_firmwareqet4101_firmwaremsm8909w_firmwareqca6574wsa8835sdm429w_firmwaresd665_firmwarewcd9380sm6250pqualcomm215qcs410qca6574asd690_5g_firmwareqca6174asdx24_firmwarewcd9335_firmwarewcn3980qsw8573qca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815wcn6850sd665sd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwaresd678_firmwarear8031_firmwarecsrb31024_firmwareqrb5165wcn6851_firmwareqcs603sm6225_firmwareqca6574ausa8155p_firmwaresd205_firmwareqca6564a_firmwareapq8009wwcd9341_firmwarewsa8810sd870sd210_firmwareqcs610_firmwaremdm9150qsm8250sa6145pwcn3680bqca6564_firmwaresdxr1sd768gar8031qcs405_firmwaresa8145pqca6696qca6391_firmwaresd845_firmwarewcd9370_firmwaresa6150psdx55sa8155pcsra6640sd675sd845qet4101sm7250psd720g_firmwareqcs410_firmwarear8035_firmwareqsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2021-30267
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.86%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:25
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678wsa8830sm6250p_firmwareqcs610fsm10056qca8337sd7c_firmwarecsrb31024wcd9360_firmwaremdm9650sdx65fsm10055_firmwarewcn3950_firmwaremdm9250sd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6426wcn3990_firmwaresm8450qca9377sa415mwcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gsm6375_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwareqca6420qca6436_firmwarewcd9360qca6564au_firmwaresa515m_firmwaresdxr2_5gsa415m_firmwarewcn3988_firmwareqca6430sm6250wcd9340wsa8810_firmwaresd765gsm8450_firmwaresd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335wcn6851qca8081qcs603_firmwareqca6174a_firmwaremdm9250_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sd750g_firmwarewcd9375sm6250_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresdx20_firmwarewcn3988wcn6850_firmwarewsa8815_firmwaresd660_firmwarewsa8835_firmwareqcx315qca6564asm6375wcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd865_5gqca6564ausdx24sdx55m_firmwaresm8450p_firmwarewcn6856_firmwarewsa8835qcx315_firmwaresd665_firmwarewcd9380sm6250pqcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174asdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sa515mqcs605wcd9340_firmwaresd855wsa8815wcn6850sd665sd7cmdm9650_firmwaresd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd850_firmwarewcn3980_firmwaresd730qca6391sdx55msdxr1_firmwareaqt1000_firmwaresdx65_firmwaresd678_firmwarecsrb31024_firmwaresdx20sd480_firmwareqcs603wcn6851_firmwareqca6574auqca6564a_firmwarewcd9341_firmwaresd480sd870sm8450pwcn6855wsa8810qcs610_firmwaremdm9150wcn6856sdxr1sd768gqca6696qca6391_firmwaresd845_firmwarewcd9370_firmwaresdx55sd675sd845sm7250psd720g_firmwaresdx12qcs410_firmwarear8035_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-30285
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.04% / 13.02%
||
7 Day CHG~0.00%
Published-13 Jan, 2022 | 11:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610wsa8830qcs2290_firmwarefsm10056qca8337sd7c_firmwarecsrb31024csra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qca6426qrb5165n_firmwareqca9984_firmwareqca9377sa415mwcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwarewcn3950sd720gsm6375_firmwaresd662sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwarewcd9306sm6225wcn3999sd_8cx_gen2sa515m_firmwareqcs6490qrb5165_firmwaresdxr2_5gsa8155_firmwareqca4004_firmwaresd662_firmwaresa415m_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwarewcd9306_firmwaresa8195psd765gsd765_firmwarefsm10056_firmwareqca6436wcn6851wcd9335sa6155pqcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwarewcd9375sa8150pwcn3910_firmwaresm6250_firmwareqca4004wsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwaresa8195p_firmwareqcx315qca6564awcn6750_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaresd_675sd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwarewsa8835qca6574qcx315_firmwaresd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325psdx24_firmwarewcd9335_firmwarewcn6750mdm9205sa515mqca6574_firmwareqcs605sm7325p_firmwaresd665sd7cwcn3910wcn6850sdx57m_firmwaresd765qca6426_firmwareqca6574a_firmwareqca9984sd768g_firmwaresd460qca6391sd730sdx55msdxr1_firmwaresd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwareqcs603wcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqca6564a_firmwaresdx57mqcm4290_firmwaresd480sd870wcn6855qcs610_firmwaremdm9150wcn6856qsm8250sa6145pqca6564_firmwaresdxr1sd768gar8031qcs405_firmwaresa8145pqca6696mdm9205_firmwareqca6391_firmwarewcd9370_firmwaresa6150psdx55sa8155pcsra6640sd675sm7250psd720g_firmwareqcs410_firmwarear8035_firmwareqcm2290qsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-20
Improper Input Validation
CVE-2021-30298
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:26
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwaremdm9150_firmwarewsa8830wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwareqcs610qcn9000ipq8072afsm10056qca8337ipq8076a_firmwaresd865_5gsdx55m_firmwarecsra6620fsm10055_firmwarewsa8835wcn3950_firmwaresd665_firmwarewcd9380sd765g_firmwareqca6595au_firmwareqca6390_firmwarequalcomm215qcs410wcd9370csra6620_firmwarecsra6640_firmwareqrb5165n_firmwareqcn9000_firmwarewcd9335_firmwarewcn3980wcn3998wcd9385_firmwarewcn3950ipq8076awcd9340_firmwarewcn3660bwsa8815wcn6850sd665ipq8074asd662sd460_firmwaresd765wcn3660b_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwareqca6595auwcd9375_firmwarewcn3998_firmwarewcn3999_firmwaresm7250p_firmwarewcn3980_firmwarewcn3610_firmwaresd460qca6391sdx55mqrb5165nwcn3999ar8031_firmwareqrb5165_firmwareqrb5165wcn6851_firmwaresd662_firmwareipq8072a_firmwareqcs405wcn3988_firmwareqca6574auqcn9074sd205sa8155p_firmwaresd205_firmwarewcd9340wsa8810_firmwarequalcomm215_firmwaresd765gwcd9341_firmwarewsa8810sd765_firmwarefsm10056_firmwaresd870wcn6851wcd9335sd210_firmwareqcs610_firmwaremdm9150wcd9385wcd9341sd768gar8031qca6696_firmwareqcs405_firmwaresd870_firmwareqca6696qca6391_firmwarear8035qca6390wcd9375wcd9370_firmwaresdx55sa8155pwsa8830_firmwaresda429wsd210csra6640sd865_5g_firmwarewcn3620_firmwareipq8074a_firmwarewcn3988wcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwaresm7250pqcn9074_firmwareqcs410_firmwarear8035_firmwarewcn3610Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2005-3098
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.33% / 55.89%
||
7 Day CHG~0.00%
Published-28 Sep, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-qpoppern/a
CVE-2021-30318
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 31.13%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337wcd9360_firmwaresdx65wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcn3950mdm9628sd720gmdm9206_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewcn3660bsd460_firmwaresm7315_firmwareqca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwarewcd9360qca9367_firmwarewcn3999qrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qualcomm215_firmwaresd765gfsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwareqca6696_firmwaresd750gsd870_firmwarewcn3910_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwaresm8475wcn6750_firmwarewcn3610sm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwareqca6574wcd9380qualcomm215qcs410sd690_5g_firmwaresdx24_firmwareqcn9012_firmwaresd439_firmwareqsw8573qcs605wcn6850wcn3910qca6426_firmwarewcn3660b_firmwaresd730wcd9330_firmwaresdx55mwcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603qca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwaresa6145psdxr1apq8096auar8031qcs405_firmwaresa8145pqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439qcs8155_firmwarear8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024mdm9628_firmwarecsra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwareqrb5165n_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd662qcn9011_firmwaresa8155sdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausa6155p_firmwaresd778gqcs8155sm6225sa515m_firmwareqcs6490sd429sdxr2_5gqca9367mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd205sd429_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwaresd765_firmwareqca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375sm6250_firmwaresda429wsd210wcn3620_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8835_firmwareapq8017qcx315qca6564aqcm6125_firmwareqcm2290_firmwaresd_675sd780gsd865_5gsdx24qcn9012sd888msm8909w_firmwareqcx315_firmwaremsm8996ausdm429w_firmwarewsa8835sd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pwcn6750sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwareqrb5165msm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwareqcn9011sm6225_firmwareqca6574ausa8155p_firmwaremdm9607sd205_firmwareqcm6125mdm9150wcn6856qca6564_firmwaresd768gwcn6740qca6696sa6150psdw2500apq8096au_firmwaresm7250psd720g_firmwaresdx12qcs410_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30325
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.36%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qcn5064csra6620_firmwareqcs605_firmwarecsra6640_firmwarewcn3998wcn3950qcn6024_firmwareipq8076amdm9206_firmwarewcn3660bsd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6438_firmwareqca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwareqrb5165m_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qcs405wcd9340qcn6132sd765gqualcomm215_firmwareqca6436wcn6851sa6155pqcs603_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwareqca9988_firmwareqcn5154_firmwaresa8150pqca9992_firmwaresd865_5g_firmwarewcn3988qca6438sa8195p_firmwareqcn5121qcn5022_firmwareqca9898ipq4028wcn3610qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwarewcd9330ipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173qcn5164qca9558qca6574csr8811_firmwarewcd9380qualcomm215qcn5054_firmwareqcs410qcn5024ipq4019_firmwareqca8072_firmwareqca9985qcn9012_firmwarewcd9335_firmwareqcn5052_firmwarewcn3980ipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064qcn9024pmp8074wcn3980_firmwareqcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqcn5064_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qcn5502qca9994qca9980qcn9024_firmwareipq8174_firmwareqca6564a_firmwareqca9880sd870qcn5121_firmwaresd210_firmwareqcs610_firmwaresa6145pipq6018qca9886_firmwarear8031apq8096auqcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwaresa8155pcsra6640qca9531_firmwarear8035_firmwareqcn5024_firmwarewcn3991_firmwaremdm9150_firmwareqcn9070sa8145p_firmwareqca9563_firmwarecsra6620qcn9072qca9880_firmwareqca9992sd765g_firmwareqca6390_firmwareipq6000wcd9370ipq8072qcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377ipq5018wcd9385_firmwaresdxr2_5g_firmwareqca9563ipq8074asd662qcn5124_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwaresa6155p_firmwaresm6225ipq8174qca9990sdxr2_5gqcn5052qca9367wcn3988_firmwareqcn9074sd205sa6145p_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9335qca8081qcn6023ipq8071aipq8071a_firmwarewcd9385qca6390qca9898_firmwarewcd9375ar8035csr8811ipq4019qcn9100_firmwaresda429wsd210wcn3620_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewcn6850_firmwarewcn3620qca6564aqca9988qca8072wcn3990qcn9000sd865_5gar9380_firmwareqcn9012qca9558_firmwareqcn6122_firmwareipq8065_firmwaresd665_firmwareqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwaremdm9206qca9889qcn6132_firmwareqca9888ipq8074qca9994_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886qcn5502_firmwaresd665ipq8076sd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd460qca6391ipq6005qcn9100qcn9070_firmwareipq6028_firmwareipq8072a_firmwaresm6225_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122sd205_firmwarewcd9341_firmwarewsa8810mdm9150qcn5022qca6564_firmwaresd768gipq6010_firmwareqca6696sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-30305
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.02%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access due to lack of validation of page offset before page is inserted in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewcn3991wsa8830wcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresd780gwcn6856_firmwarewsa8835qca6574wcd9380sa8150p_firmwaresd888_5gqca6595au_firmwaresa6155wcd9370qca6574awcn6855_firmwareqca6174asm7325wcd9335_firmwareqca9377wcn6750wcd9385_firmwareqca6574_firmwarewcn6850sa8155qca6574a_firmwareqca6574au_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwareqca6391wcn6740_firmwaresd778gsa6155p_firmwareqcs6490qcm6490_firmwaresd480_firmwaresa8155_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresd778g_firmwaresa8195pwcd9341_firmwaresd480wcn6855wcn6851wcd9335sa6155pwcn6856sa6145pqca6174a_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresa8145pwcn6740qca6696qca6391_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresa8150psa6150psa8155pwsa8830_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwaresa8195p_firmwaresdx12wcn6750_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2021-30324
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.36%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qcn5064csra6620_firmwareqcs605_firmwarecsra6640_firmwarewcn3998wcn3950ipq8076aqcn6024_firmwarewcn3660bsd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwareqca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq4029_firmwareipq8072_firmwareqrb5165m_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qcs405wcd9340qcn6132qualcomm215_firmwaresd765gqca6436wcn6851sa6155pqcs603_firmwareqca9888_firmwareqcn6122ipq8068_firmwarewcd9341qca6696_firmwaresd750gsd870_firmwareqcn5154_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd865_5g_firmwarewcn3988qca6438sa8195p_firmwareqca9898qcn5022_firmwareipq4028wcn3610qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173qcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwarequalcomm215qcs410ipq4019_firmwareqcn5024sd690_5g_firmwareqca8072_firmwareqca9985qcn9012_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980ipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064qcn9024pmp8074wcn3980_firmwareqcn5550_firmwaresdx55mipq8064_firmwareqcn5064_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qca9994qca9980qca6564a_firmwareipq8174_firmwareqcn9024_firmwareqca9880sd870sd210_firmwareqcs610_firmwareipq6018sa6145pqca9886_firmwareapq8096auar8031qcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwaresa8155pcsra6640ar8035_firmwareqcn5024_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830qcn9070sa8145p_firmwarecsra6620qcn9072qca9880_firmwareqca9992sd765g_firmwareqca6390_firmwareipq6000sd690_5gwcd9370ipq8072qcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074asd662qcn5124_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwaresa6155p_firmwaresm6225ipq8174qca9990sdxr2_5gqcn5052wcn3988_firmwareqcn9074sa6145p_firmwaresd205sa8195pwsa8810_firmwaresd765_firmwarewcd9335qca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385ar8035csr8811qca6390qca9898_firmwareipq4019sd750g_firmwarewcd9375qcn9100_firmwaresda429wsd210wcn3620_firmwareipq5010_firmwareipq8074a_firmwarewcn6850_firmwarewsa8815_firmwarewcn3620wsa8835_firmwareqca6564aqca8072wcn3990qcn9000sd865_5gar9380_firmwareqcn9012qcn6122_firmwareipq8065_firmwarewsa8835sd665_firmwareqcn5154qca8075_firmwareipq4018qca6574aqca9889qcn6132_firmwareipq8074qca9888qca9994_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886sd665ipq8076sd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd460qca6391qcn9100qcn9070_firmwareipq6028_firmwareipq8072a_firmwaresm6225_firmwareipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122sd205_firmwarewcd9341_firmwarewsa8810mdm9150qcn5022qca6564_firmwareipq6010_firmwaresd768gqca6696sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30309
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.60%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewcn3991wsa8830wcd9380_firmwarewcn3990qcs610sd865_5gsdx55m_firmwaremdm9650wsa8835wcn3950_firmwaresd665_firmwarewcd9380sd765g_firmwareqca6390_firmwareqcs410sd690_5gsd730_firmwarewcd9370qcs605_firmwaresd690_5g_firmwareqcs6125_firmwareqca6174awcn3990_firmwarewcd9335_firmwareqca9377wcn3980wcn3998wcd9385_firmwarewcn3950wcd9326_firmwareqcs605wsa8815wcn6850sd665mdm9650_firmwaresd765sd768g_firmwarewcd9375_firmwaresdx12_firmwarewcn3998_firmwarewcn3980_firmwaresm7250p_firmwaresd730sdxr1_firmwareqca6391sdx55mqcs6125wcn6851_firmwareqcs603wcn3988_firmwarewsa8810_firmwaresd765gwcd9341_firmwareqcm6125wsa8810sd765_firmwaresd870wcd9326wcd9335wcn6851qcs603_firmwareqcs610_firmwareqca6174a_firmwarewcd9385wcd9341sdxr1sd768gsd870_firmwareqca6391_firmwareqca6390wcd9375wcd9370_firmwarewsa8830_firmwaresd660sd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwaresd660_firmwarewsa8835_firmwaresm7250psdx12qcs410_firmwareqcm6125_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30264
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.88%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:15
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sm7250sa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwarewcn3998wcn3950qcn6024_firmwareipq8076amdm9206_firmwaresm6375_firmwarewcn3660bsd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwareqca6438_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareqrb5165_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430sd765gfsm10056_firmwarewcn6851sa6155pqcs603_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwareqcn5154_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028wcn3610qca6428_firmwareipq5018_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwarewcd9330msm8996au_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980ipq6018_firmwareqcs605wsa8815wcn6850pmp8074_firmwareqca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064qcn9024pmp8074wcn3980_firmwaresd730qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980qcn9024_firmwareipq8174_firmwareqca6564a_firmwareqca9880sd480sd870wcn6855qcn5121_firmwaresd210_firmwareqcs610_firmwaresa6145pipq6018qca9886_firmwarear8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55apq8053qcn5021_firmwarecsra6640sa8155psd675qca9531_firmwarear8035_firmwareqcn5024_firmwarewcn3991_firmwaremdm9150_firmwareqcn5500wsa8830qca9561sd678qcn9070sa8145p_firmwarefsm10056sm7250_firmwareqca9563_firmwarecsra6620fsm10055_firmwareqcn9072qca9880_firmwareqca9992sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sm8450ipq5018wcd9385_firmwarewcd9326_firmwarewcn3615_firmwareqca9563ipq8074asd662qcn5124_firmwareqca9982sa8155wcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595auwcn3610_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareipq8174qca9990qcs6490qcn5052qca9367wcn3988_firmwareqcn9074sd205sa6145p_firmwaresd778g_firmwaresa8195pwsa8810_firmwareqca6694sm8450_firmwaresd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aipq8071a_firmwarewcd9385qcs6490_firmwareqca6390qca9898_firmwarewcd9375aqt1000ar8035csr8811ipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwaresda429wsd210wcn3620_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620qca6564aqcm6125_firmwareqca9882qca8072wcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwaresm8450p_firmwareqcn9012qca9558_firmwareqca9896_firmwareqcn6122_firmwareipq8065_firmwarewsa8835msm8996ausd665_firmwaresd888_5gqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwaremdm9206wcn6855_firmwareqca9889qca9888ipq8074sm7325qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886qcn5502_firmwaresd855sd665ipq8076sd765qca9887qca6574a_firmwareqcn5021qcn5152sd768g_firmwareapq8009sd460qca6391ipq6005aqt1000_firmwareqcn9100sdx65_firmwareqcm6490_firmwareqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122sd205_firmwarewcd9341_firmwareqcm6125wsa8810sm8450pqcn5500_firmwaremdm9150wcn6856qcn5022wcn3680bsd768gipq6010_firmwarewcn6740qca6696sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029sm7325_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2021-30260
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.86%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 07:05
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca1023qca8337ar9380ipq8173_firmwareqcn5124mdm9645msm8992_firmwarewcn3950_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155mdm8215sd_455_firmwareapq8076qcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwarewcn3660bqsm8350_firmwareqsm8350sd460_firmwareqca8081_firmwarewcn3998_firmwareqca6420apq8053_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwareipq8072_firmwareqca0000sa8155_firmwareqca6430wcd9340sdm830_firmwaresd765gmdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqca1062qcn5154_firmwaremdm8215_firmwaresd_8cxsa8150pqca9992_firmwaresd660sd865_5g_firmwaresd712sd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca6428_firmwarewcn3991ipq4018_firmwareqca4531_firmwareqca9980_firmwareipq8078sdx55m_firmwareipq8173msm8976_firmwareqca6574sd670_firmwarecsr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqcn9012_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca6584_firmwaresd_8c_firmwaremdm9215_firmwareipq6028ipq8064sd835pmp8074qca1990wcn3980_firmwarewcn6745_firmwaresd730qca2062_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwareipq8078_firmwareqca6234qcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareqcm4290_firmwarewcn6855qcn7605_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031qca1023_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwareqca4024wcd9370_firmwaresdx55apq8053qcn5021_firmwarecsra6640qca9379qca6234_firmwareqcn7606wsa8830qca1062_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qca9378aqca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwareqca2064_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwarewcn3615_firmwareipq8074aapq8094sa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwarewcn3610_firmwareqca6584ausd778gipq8174qcn5052qca9367apq8092sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074qca6421sd778g_firmwaresa8195pqca6694wcd9326wcd9335qcn6023qcs4290_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000msm8976wcd9375sc8180x\+sdx55_firmwaresm6250_firmwaremsm8994apq8092_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017qcm6125_firmwaresd780gsd865_5gqca6595sd665_firmwareqcn5154qca8075_firmwareipq6005_firmwaremdm9206wcn6855_firmwareqca9888qca6310_firmwaresm7325apq8094_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886sd665qca6175asd765qca6574a_firmwaresd850_firmwareapq8009mdm9310csrb31024_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaremdm9626_firmwareqca9889_firmwaresd710mdm9607qcn5122mdm9645_firmwaresdx20m_firmwareqcn5022qca6564_firmwaresd768gqca1064_firmwarewcn6740qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwaresdm830ipq6000_firmwaresdx12qcs410_firmwareqca6175a_firmwaresm7325_firmwareqca2066sa6150p_firmwareqcs610qcn5550qca6431_firmwarewcd9360_firmwareqca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareipq8076amdm9628sd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresdx12_firmwarewcd9360sdx20mqca6438_firmwarewhs9410_firmwarewcn3999qrb5165_firmwareipq5028ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405sc8280xp_firmwareqca1990_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcd9341qca2066_firmwareqca6431sd750gwcn3910_firmwarewsa8830_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwareqca9898ipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwarewcd9380_firmwareipq8072awcd9330msm8996au_firmwarecsr6030ipq8076a_firmwareqca6564auwcn6856_firmwareqcn5164qcn5054_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605sd7cwcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwareqca9984qcn9024qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaresd821_firmwarear8031_firmwareqrb5165wcn6851_firmwareipq8070sd_636_firmwareqca6564a_firmwaresd480sd870qcn5121_firmwaresd210_firmwareipq6018sdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca2064sd780g_firmwaresd888_firmwaresc8280xpsa8155psd675qca9378a_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqcs2290_firmwaresm7250_firmwaresd7c_firmwarecsra6620qcn9072sd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqcn7605wcn6745qca2065sd662qcn5124_firmwareqca1064qca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310sa515m_firmwareqca9990sdxr2_5gsd821msm8994_firmwaresa6145p_firmwaremsm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca2065_firmwarear8035csr8811apq8064auqca6694_firmwareqcn9100_firmwaresd210sd820wcn6850_firmwarewsa8835_firmwarecsr6030_firmwareqca6564aqca8072qcm2290_firmwarewcn3990qcn9000sd_675ar9380_firmwaresdx24qcn9012sd888qcn6122_firmwarewsa8835msm8996ausd888_5gsm6250pipq4018qca6574aqca9889qca6174aipq8074qca9994_firmwarewcn6750ipq8076_firmwaresa515msd855sm4125_firmwareipq8076qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100mdm9626qcm4290sdx50msdx20mdm9215sd_455ipq8074_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810wcn6856sd_8cwcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn9072_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareipq4029sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-30266
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.88%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:16
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250sa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078asa8150p_firmwareqca6595au_firmwaresa6155qca6335qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwareqca9987_firmwaresa415mwcn3998wcn3950qcn6024_firmwareipq8076amdm9206_firmwaresm6375_firmwarewcn3660bsd460_firmwarewcn7850qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwareqca6438_firmwareqca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareqca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430sd765gqualcomm215_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwareqca9888_firmwarewcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwareqca9988_firmwareqcn5154_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresd855_firmwarewcn3988qca6438wcn7850_firmwaresa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028wcn3610qca6428_firmwareipq5018_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwarewcd9330msm8996au_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558qca6574csr8811_firmwarewcd9380qualcomm215qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcs605wsa8815wcn6850qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qca9984ipq6028ipq8064qcn9024wcn3980_firmwaresd730qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwarear8031_firmwarewcn3680_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980qcn9024_firmwareipq8174_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870wcn6855qcn5121_firmwaresd210_firmwareqcs610_firmwaresa6145pipq6018qca9886_firmwarear8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55apq8053qcn5021_firmwarecsra6640sa8155psd675qca9531_firmwarear8035_firmwareqcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwaresm7250_firmwarecsrb31024qca9563_firmwaremdm9650csra6620qca9987qcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareipq8069_firmwareapq8009_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sm8450ipq5018wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqca9563ipq8074asd662qcn5124_firmwareqca9982sa8155qca6320_firmwarewcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595auwcn3999_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310ipq8174wcn7851qca9990qcs6490sdxr2_5gqcn5052qca9367sa415m_firmwarewcn3988_firmwareqcn9074sd205sa6145p_firmwaresd778g_firmwaresa8195pwsa8810_firmwareqca6694sm8450_firmwaresd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390qca9898_firmwarewcd9375aqt1000ar8035csr8811ipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwaresd210ipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqca6564aqca9988qcm6125_firmwareqca9882wcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwaresm8450p_firmwareqcn9012qca9558_firmwareqca9896_firmwarewsa8835ipq8065_firmwaremsm8996ausd665_firmwaresd888_5gqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwaremdm9206wcn6855_firmwareqca9889qca9888qca6310_firmwaresm7325ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886qcn5502_firmwaresd855sd665ipq8076sd765qca9887qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwareapq8009sd460qca6391ipq6005aqt1000_firmwareqcn9100sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwareqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122sd205_firmwarewcd9341_firmwareqcm6125wsa8810sm8450pqcn5500_firmwarewcn6856qcn5022wcn3680bsd768gipq6010_firmwarewcn6740qca6696sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2021-1923
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.02%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sa6150p_firmwaresm7250sa8145p_firmwareqcs2290_firmwaresm7250_firmwareqca6431_firmwarewcd9360_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwhs9410qsm8350_firmwaresd662qsm8350sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwareqca6420qca6436_firmwarewcd9360sd778gsa6155p_firmwarewhs9410_firmwaresdxr2_5gsa8155_firmwaresd662_firmwarewcn3988_firmwareqca6430sa6145p_firmwareqca6421sd778g_firmwaresm6250wcd9340sa8195psdm830_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851sa6155pqcs4290_firmwarewcd9385qca6431qca6696_firmwaresd750gsd870_firmwareqca6390wcd9375sd_8cxaqt1000sa8150psd750g_firmwaresm6250_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwarewcn6750_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675sd780gsd865_5gqca6595sdx24sdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wsa8835sd665_firmwarewcd9380sd888_5gqca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresdx24_firmwaresm7325qca6430_firmwarewcn6750qca6574_firmwarewcd9340_firmwaresd855sm4125_firmwarewcn6850sd665wcn3910wsa8815sd_8c_firmwaresd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwareqcm4290sdx50msd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd670qcm4290_firmwaresd480sd870wcn6855wsa8810wcn6856sd_8csa6145psd768gqca6595_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55sa8155psd675sdm830sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2021-1963
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.88%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678sa6150p_firmwaresm7250sa8145p_firmwareqcs610wsa8830fsm10056qca8337sm7250_firmwareqca6431_firmwaremdm9650csra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwaremsm8909wwcn3615apq8009w_firmwareqca6420qca6436_firmwarewcn3610_firmwarewcn3998_firmwareqca6564au_firmwareqca6584ausa6155p_firmwaresd778gwcn3999qrb5165_firmwaresdxr2_5gqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresd205qca6421sd778g_firmwaresm6250wcd9340sa8195pwsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwarefsm10056_firmwareqca6436wcn6851wcd9335sa6155pqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sa8150psd750g_firmwaresm6250_firmwarewcd9375wsa8830_firmwaresda429wsd210sd855_firmwaresd865_5g_firmwarewcn3620_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwarewcn3610qcm6125_firmwarewcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3990sd_675msm8996au_firmwaresd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwaremsm8909w_firmwareqca6574msm8996auwsa8835sd665_firmwarewcd9380sd888_5gwcn3999_firmwarequalcomm215qcs410qca6574asd690_5g_firmwaresdx50m_firmwareqca6174asm7325qca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6574_firmwarewcd9340_firmwaresd855wsa8815wcn6850sd665mdm9650_firmwaresd_8c_firmwaresd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqcm4290sdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd205_firmwareqca6564a_firmwareapq8009wwcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wsa8810sd210_firmwareqcs610_firmwaremdm9150wcn6856qsm8250sd_8csa6145psd768gapq8096auar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55apq8096au_firmwarecsra6640sa8155psd675sd720g_firmwaresdx12qcs410_firmwarear8035_firmwareqsm8250_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 20
  • 21
  • Next
Details not found