Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-35078

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-14 Jun, 2022 | 09:50
Updated At-04 Aug, 2024 | 00:33
Rejected At-
Credits

Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:14 Jun, 2022 | 09:50
Updated At:04 Aug, 2024 | 00:33
Rejected At:
▼CVE Numbering Authority (CNA)

Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Versions
Affected
  • AQT1000, AR8035, CSRB31024, QCA6174A, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM6125, QCM6490, QCS2290, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, SA415M, SA515M, SC8180X+SDX55, SD 675, SD 8 Gen1 5G, SD 8CX, SD 8cx Gen2, SD460, SD480, SD662, SD665, SD670, SD675, SD678, SD680, SD690 5G, SD695, SD710, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX24, SDX50M, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SW5100, SW5100P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
Problem Types
TypeCWE IDDescription
textN/AMemory leak in Data Modem
Type: text
CWE ID: N/A
Description: Memory leak in Data Modem
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:14 Jun, 2022 | 10:15
Updated At:19 Apr, 2023 | 17:10

Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000_firmware>>-
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000>>-
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035_firmware>>-
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035>>-
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csrb31024_firmware>>-
cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csrb31024>>-
cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6174a_firmware>>-
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6174a>>-
cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6390_firmware>>-
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6390>>-
cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391_firmware>>-
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391>>-
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420_firmware>>-
cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420>>-
cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6421_firmware>>-
cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6421>>-
cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6426_firmware>>-
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6426>>-
cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6430_firmware>>-
cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6430>>-
cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6431_firmware>>-
cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6431>>-
cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6436_firmware>>-
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6436>>-
cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6564au_firmware>>-
cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6564au>>-
cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574a_firmware>>-
cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574a>>-
cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574au_firmware>>-
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574au>>-
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6595au_firmware>>-
cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6595au>>-
cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6696_firmware>>-
cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6696>>-
cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca8081_firmware>>-
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca8081>>-
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca8337_firmware>>-
cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca8337>>-
cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca9377_firmware>>-
cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca9377>>-
cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm2290_firmware>>-
cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm2290>>-
cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4290_firmware>>-
cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4290>>-
cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6125_firmware>>-
cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6125>>-
cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6490_firmware>>-
cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6490>>-
cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs2290_firmware>>-
cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs2290>>-
cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-401Primarynvd@nist.gov
CWE ID: CWE-401
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletinproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

515Records found
CVE-2023-33103
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.28%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-10 Jan, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Multi-Mode Call Processor

Transient DOS while processing CAG info IE received from NW.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sg8275psg8275p_firmwarewcd9385_firmwaresnapdragon_8_gen_2_mobilefastconnect_7800qcm4490wcd9370_firmwaresnapdragon_x75_5g_modem-rf_firmwarewcd9390_firmwaresnapdragon_x65_5g_modem-rf_firmwareqcn6024qcs8550wcd9385snapdragon_8_gen_2_mobile_firmwarewcd9380snapdragon_x75_5g_modem-rfwcd9370wcd9390sm8550pwsa8815wcd9395_firmwareqca6698aq_firmwarewsa8845wsa8810fastconnect_6900_firmwareqcs4490_firmwarewcn3950qcm8550_firmwareqcn6024_firmwarewsa8845_firmwarefastconnect_6900qfw7124snapdragon_4_gen_2_mobile_firmwarewsa8832_firmwareqcn9024_firmwarewsa8830_firmwareqcc710snapdragon_x70_modem-rf_firmwarewcn3988qcc710_firmwareqca8337_firmwarewsa8835snapdragon_8_gen_3_mobilewcd9340_firmwaresnapdragon_8_gen_3_mobile_firmwarewsa8810_firmwarewsa8832qca6174a_firmwareqep8111_firmwarewcd9380_firmwareqcn9024qca8337wcd9395qca6698aqwsa8830wcn3950_firmwarewsa8845hqca6174awcn3988_firmwarewsa8840qcs8550_firmwarefastconnect_6700snapdragon_auto_5g_modem-rf_gen_2_firmwareqca8081_firmwaresnapdragon_x35_5g_modem-rf_firmwareqcs4490qca8081qca6584auar8035_firmwareqcn6224_firmwaresnapdragon_x65_5g_modem-rfwcd9340qcm4490_firmwaresnapdragon_8\+_gen_2_mobileqcn6274qca6584au_firmwareqcn6224wsa8815_firmwarewsa8845h_firmwaresnapdragon_4_gen_2_mobilesnapdragon_auto_5g_modem-rf_gen_2fastconnect_7800_firmwareqcm8550qfw7124_firmwareqep8111qfw7114wsa8835_firmwaresnapdragon_x35_5g_modem-rfwsa8840_firmwareqfw7114_firmwareqcn6274_firmwarear8035snapdragon_8\+_gen_2_mobile_firmwarefastconnect_6700_firmwaresnapdragon_x70_modem-rfsm8550p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2021-30293
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.35%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:26
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwarewcn3991_firmwarewsa8830sd678mdm9640_firmwareqcs610qca8337csrb31024mdm9628_firmwaremdm9650sdx65fsm10055_firmwarewcn3950_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6426qca6584au_firmwareqrb5165n_firmwaresm8450qca9377sa415mwcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950mdm9628sm6375_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584auqrb5165_firmwaresdxr2_5gmdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd205wcd9340wsa8810_firmwaresd765gsm8450_firmwaresd765_firmwareqca6436wcn6851qca8081qcs603_firmwareqca6174a_firmwarewcd9385qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwarewcd9375wsa8830_firmwaresd210sd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315qca6564aar6003wcn3610mdm9640sm6375wcn3991qca8337_firmwarewcd9380_firmwaresd_675msm8996au_firmwaresd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresm8450p_firmwarewsa8835qcx315_firmwaremsm8996auwcd9380qcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174amdm9615qcs605wcd9340_firmwarewsa8815wcn6850mdm9650_firmwaresd765mdm9215_firmwareqca6426_firmwareqca6574a_firmwaresd768g_firmwaresd730qca6391sdx55msdxr1_firmwarear6003_firmwaresdx65_firmwaresd678_firmwarecsrb31024_firmwareqrb5165sd480_firmwareqcs603wcn6851_firmwaremdm9215qca6574aumdm9607sd205_firmwareqca6564a_firmwaresd480sd870sm8450pwcn6855wsa8810sd210_firmwareqcs610_firmwarewcn6856qsm8250sdxr1sd768gqca6696qca6391_firmwarewcd9370_firmwaresdx55sd675mdm9615_firmwaresm7250pqcs410_firmwarear8035_firmwareqsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30310
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.47%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sm7250mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs2290_firmwaresm7250_firmwarecsrb31024mdm9628_firmwarewcd9360_firmwaremdm9650wcn3950_firmwaremdm9250sa8150p_firmwareqcs2290qca6595au_firmwaresd765g_firmwaresa6155apq8009_firmwaresd690_5gwcd9370qca6564qca6584au_firmwarewcn3990_firmwareqca9369qca9377qca4531wcn3998wcd9385_firmwarewcn3950wcd9326_firmwaremdm9628wcn3615_firmwaremdm9206_firmwarewcn3660bqca4020sa8155qca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwarewcd9360apq8053_firmwaresdx20mqca6564au_firmwareqca6584ausa6155p_firmwareqca6310qca9367_firmwaresa515m_firmwareqca9367sa8155_firmwaresd821mdm9607_firmwaremdm9655_firmwarewcn3988_firmwaresa6145p_firmwarewcd9340sa8195papq8017_firmwarewsa8810_firmwaresd765gsd765_firmwareqca4020_firmwarewcd9326wcd9335sa6155pqca6174a_firmwaremdm9250_firmwarewcd9385wcd9341mdm9655qca6696_firmwaresd750gwcn3910_firmwarewcd9375sd750g_firmwaresa8150pwsa8830_firmwaresd210sd820sdx20_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareapq8017qca6564awcn3610mdm9640qcm2290_firmwarewcn3991wcd9380_firmwareqca4531_firmwarewcn3990wcd9330msm8996au_firmwareqca6595qca6564ausdx24wsa8835qca6574msm8996auwcd9380qca9369_firmwareqca6574asd690_5g_firmwaremdm9206qca9379_firmwareqca6174asdx24_firmwareqca6310_firmwarewcd9335_firmwaresa515mqca6574_firmwareqca9886wcd9340_firmwarewsa8815wcn3910qca6320mdm9650_firmwareqca6175asd765wcn3660b_firmwareqca6574a_firmwaresd768g_firmwareapq8009wcd9330_firmwaresd821_firmwaremdm9626csrb31024_firmwaresdx20sd480_firmwaremdm9626_firmwareqca6574ausa8155p_firmwaremdm9607qca6564a_firmwarewcd9341_firmwaresdx20m_firmwaresd480wsa8810sd210_firmwaresa6145pwcn3680bqca9886_firmwareqca6564_firmwaresd768gapq8096auqca6595_firmwaresa8145pqca6696sd820_firmwaresd845_firmwarewcd9370_firmwaresa6150psdx55apq8053apq8096au_firmwaresa8155psd845qca9379qca6175a_firmwareqcm2290Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-20
Improper Input Validation
CVE-2021-30301
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.35%
||
7 Day CHG~0.00%
Published-13 Jan, 2022 | 11:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830sd678qca8337_firmwaresm6250p_firmwarewcd9380_firmwarewcn3990sd_675qca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresdx65wsa8835qcx315_firmwarewcn3950_firmwarewcd9380sd765g_firmwareqca6595au_firmwaresm6250pqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6574asd690_5g_firmwarewcn6855_firmwarewcn3990_firmwarewcn3980wcn3998wcd9385_firmwarewcn3950sd720gsa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815wcn6850sd765qca6574a_firmwaresd768g_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcn3980_firmwaresd730wcd9360qca6391sdx55msdx65_firmwaresd678_firmwaresa515m_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwaresm6250wsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870wsa8810wcn6851wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwaresd870_firmwareqca6696qca6391_firmwareqca6390ar8035wcd9375wcd9370_firmwaresm6250_firmwaresdx55sd675wsa8830_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250psd720g_firmwareqcx315sm8475ar8035_firmwareSnapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-30326
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.35%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwareqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwarewcd9375_firmwareqca6595auqca8081_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55msd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375wcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11241
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.81%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwarepmd9607_firmwareqca1023qca8337ar9380ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwarewcn3660bqsw8574_firmwaresd460_firmwaresmb2351_firmwareqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwareipq8070_firmwareipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwareqca9888_firmwareqca6696_firmwareqln5020wcd9371qca1062qcn5154_firmwarepmm855au_firmwaresm4350_firmwaresd_8cxwtr3950sa8150ppm6350qdm5621qtc800sqat3514_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd712pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lpm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwarewcn3991qca9980_firmwareqpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwarepmm8996ausdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwareqcn9012_firmwarepmd9645qdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwareipq6028ipq8064pmp8074wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwareqcn5064_firmwarepme605ipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqln4640_firmwareqca9980qpm5621qcn9024_firmwareipq8174_firmwarepm8009_firmwareqpm6582qfs2580_firmwaresd670qcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarear8031qca1023_firmwareqpm5577wtr2965sd820_firmwareqca6391_firmwarepmx20_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwarepmi8994qpa8803_firmwareqca9379pm855bsmb2351qln1031qcn7606qpm5870pm8909wsa8830pm660qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024mdm9628_firmwaremdm9650pmx24_firmwareqbt1500_firmwareqpm5870_firmwarepmk8001qca9992qcs4290pmm855auqet6100mdm9250qca6420_firmwareapq8009_firmwaresd690_5gsmb1396pm7150asd675_firmwareipq8072pm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9984_firmwareqca9377qpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewhs9410rgr7640au_firmwarepm7250_firmwaresdr845_firmwareqdm5620qln1021aqipq8074asmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwareqcn6023_firmwarewcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052mdm9607_firmwaremdm9655_firmwareqdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwareqcn9074wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375sc8180x\+sdx55_firmwarepmm8195ausm6250_firmwareqln4642msm8994qpm5677_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarepm8998smr525_firmwarewsa8815_firmwareqpm8820_firmwarewtr3925_firmwareqln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwaresd865_5gqca6595pm8150_firmwaresmb1398_firmwareqpm8830pmm8996au_firmwareqat5522pm8150cpmr735bsd665_firmwareqca9369_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwareqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765pmx20pmd9607qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461wtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwaremdm9626_firmwareqpm5641_firmwareqca9889_firmwaresd710mdm9607qcn5122pm8008_firmwaresdx20m_firmwareqpm6621pmr735a_firmwarepmx50qcn5022qca6564_firmwaresdr8250sd768gqca1064_firmwareqln1030_firmwarepm8004pm640lpmk8002qca8075apq8096au_firmwareqcn6024qcn9022sd845sdm830ipq6000_firmwaresmb1357qcs410_firmwareqca6175a_firmwareqpa5580qpm5579sa6150p_firmwareqcs610qcn5550pmi8996qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qcn5064csra6620_firmwareqcs605_firmwareqln1020sd_675_firmwarewtr3905qdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sdr425_firmwaresmr526_firmwareipq8076amdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360sdx20mqca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwarepm8996qsm7250ipq4029_firmwareqcs6125ipq6010sd662_firmwaresmb1360qcs405rsw8577_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarepmc7180wcd9341qdm4643_firmwaremdm9655qca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qca9898ipq4028qet4100wcn3610mdm9640qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqln4650msm8996au_firmwaresdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwarewcn6856_firmwarepm8005_firmwareqcn5164qet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwarepm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6320mdm9650_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mipq8064_firmwarepm670aqca6421_firmwarewtr3905_firmwareqat3518_firmwareqsw8574pmi8998ar8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwarepm8150b_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepmd9645_firmwareqcn5121_firmwarepm670qdm5677pm8005ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621smb1360_firmwareqcn9072qet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686ipq8069_firmwareqca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018qca9369pmi632_firmwaresd_8cx_firmwareqcn7605qpm5541qat5516sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhqca1064pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa515m_firmwareqca9990sdxr2_5gsmb1398msm8994_firmwaresa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresd820smb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564apmx24qet6110qln5040qca8072qcm2290_firmwareqpm8895sdr845qpm5670wcn3990qcn9000sd_675qtm527ar9380_firmwarepmk8350sdx24qcn9012pmc7180_firmwarepmi8994_firmwarepm8350bqdm2307_firmwarewsa8835msm8996auqpm5657_firmwaresd888_5gsm6250prgr7640aupm855asdr660_firmwarepm8909_firmwareipq4018qca6574apm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074qca9994_firmwareqpm4640qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515mwtr6955sd855sm4125_firmwareipq8076wtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwaremdm9626pm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqat5568_firmwareqdm2308qat3550wtr4905_firmwarewcn6856qdm5679sd_8cwcn3680bipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareqca9990_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwareipq4029sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1964
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 60.45%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwareipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064sd_675_firmwaresa415mwcn3998wcn3950qcn6024_firmwaresd720gsm4125ipq8076asd710_firmwaresd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwareqca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qca6430wcd9340sd765gqca6436wcn6851sa6155pqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gqcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910sd_8c_firmwareqca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwareipq8078_firmwareqcn5054wcn6851_firmwareipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870qcn5121_firmwaresa6145pipq6018qca9886_firmwareqca6595_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053qcn5021_firmwaresa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwareqcs2290_firmwarecsrb31024qca9563_firmwaresd_636qcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqca9563ipq8074asd662qcn5124_firmwareqca9982sa8155wcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595ausm7250p_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811ipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qca9558_firmwareqca9896_firmwareqcn6122_firmwareipq8065_firmwarewsa8835sd665_firmwaresd888_5gqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwareqca9889sm7325pqca9888ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665ipq8076qca6175asd765qca9887qca6574a_firmwareqcn5021qcn5152sd768g_firmwaresm7315sd460qca6391ipq6005aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwarewsa8810qcn5500_firmwarewcn6856sd_8cqcn5022wcn3680bsd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareipq4029qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1955
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.85%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresa6150p_firmwareqca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917mdm8215sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaremdm8615m_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020mdm9230_firmwaresm7315_firmwaremdm8215mqca6574au_firmwaremdm9630wcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360sdx20mqca9367_firmwarewcn3999qcs6125sa8155_firmwaresd662_firmwaremdm9615mqca6430qcs405wcd9340sdm830_firmwaresd765gqualcomm215_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gmdm8215_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwaremdm9330_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwarewcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwareqet4101_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215mdm9230sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwarewcd9335_firmwaresd439_firmwarewcn3980qca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6584_firmwaremdm9650_firmwaresd_8c_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwarewcn6740_firmwarear6003_firmwaremsm8953sd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sd210_firmwaresa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439qet4101wcn3660qca9379ar8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaremdm9615m_firmwarewcn3615_firmwaresd662sa8155qca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310sa515m_firmwaresd429sdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresa6145p_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385mdm8615mqca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausm6250_firmwaremsm8953_firmwaresda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017ar6003csr6030_firmwareqca6564amdm9630_firmwareqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9615sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaresm7315apq8009sd460qca6391sdxr1_firmwaremdm9310aqt1000_firmwaremdm9626qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaremdm9215sd_455mdm9626_firmwareqca6574ausd710mdm8215m_firmwaremdm9607sa8155p_firmwaresd205_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500sa6150papq8096au_firmwaresd845mdm9615_firmwaresm7250psdm830sd720g_firmwaremdm9330qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2021-1974
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.85%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055sm7250sa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078asa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064qcs605_firmwaresd_675_firmwareqcs6125_firmwaresa415mwcn3998wcn3950qcn6024_firmwaresd720gsm4125ipq8076awcn3660bsd710_firmwaresd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420qca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwareqrb5165_firmwareqca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qca6430wcd9340sd765gfsm10056_firmwareqca6436wcn6851sa6155pqca9888_firmwarewcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gqcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5022_firmwarewcn6750_firmwareqca9898ipq4028wcn3610qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaresdm429wipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980ipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910sd_8c_firmwareqca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9896qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870sd210_firmwareqcs610_firmwareqsm8250sa6145pipq6018qca9886_firmwareqca6595_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55qcn5021_firmwaresa8155psd675qca9531_firmwarear8035_firmwareqcm2290qsm8250_firmwareqcn5024_firmwarewcn3991_firmwarewsa8830sd678qca9561qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056sm7250_firmwarecsrb31024qca9563_firmwaresd_636fsm10055_firmwareqcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareqca9563ipq8074asd662qcn5124_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3610_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareipq8174sd429sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811ipq4019qcn9100_firmwaresda429wsd210wcn3620_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620qca6564aqcm6125_firmwareqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012qca9558_firmwareqca9896_firmwarewsa8835ipq8065_firmwaresdm429w_firmwaresd665_firmwaresd888_5gqcn5154qca8075_firmwareipq4018qca6574aqca9889qca9888ipq8074sm7325qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm4125_firmwaresd665ipq8076qca6175asd765qca9887qca6574a_firmwareqcn5021qcn5152sd768g_firmwaresd460qca6391aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122sd205_firmwarewcd9341_firmwareqcm6125wsa8810wcn6856sd_8cqcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sa6150pqca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029qca6175a_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-47318
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.28%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 15:33
Updated-28 Nov, 2025 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in BT Controller

Transient DOS while parsing the EPTM test control message to get the test pattern.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn9000_firmwarewcd9380smart_audio_400_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwaresdx55snapdragon_8cx_compute_platform_\(sc8180x-ab\)_firmwarewcd9340_firmwareqca6688aqqam8650pqca6420_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca1062_firmwaresnapdragon_x72_5g_modem-rf_systemqcn9002sa6155psnapdragon_870_5g_mobile_platform_\(sm8250-ac\)qcn9001_firmwareqamsrv1m_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_8\+_gen_2_mobile_platformsnapdragon_x5_lte_modemar8031qfw7124_firmwaresnapdragon_820_automotive_platform_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmwareqcc2073home_hub_100_platform_firmwaresdx61aqt1000snapdragon_8cx_compute_platform_\(sc8180x-ab\)snapdragon_8_gen_2_mobile_platform_firmwaresm7325p_firmwareqcn9003_firmwareqcn9022_firmwareqam8255p_firmwaresdx61_firmwaresa8150p_firmwareqca2066_firmwaresnapdragon_w5\+_gen_1_wearable_platformqamsrv1h_firmwares3_gen_2_sound_platformsnapdragon_auto_4g_modemwcd9341_firmwaresnapdragon_auto_5g_modem-rf_gen_2qca6584_firmwaresd_8_gen1_5gsnapdragon_xr2\+_gen_1_platform_firmwareqcn6112wcd9360_firmwareqam8295pssg2115pwcd9385_firmwaresa7255p_firmwareqcn9072qca6391qcc5161_firmwaresa8295p_firmwareqca6584au_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqcc7226wsa8810snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)_firmwareqcn9024wsa8815srv1hvideo_collaboration_vc5_platformsnapdragon_xr2\+_gen_1_platformwcd9326_firmwaresnapdragon_778g_5g_mobile_platform_firmwaremdm9628_firmwarevideo_collaboration_vc5_platform_firmwareimmersive_home_214_platformqcc5161sm8550p_firmwareqca6574au_firmwaresd_8_gen1_5g_firmwareqcn6102snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\)qca6595au_firmwaresnapdragon_8_gen_2_mobile_platformqcc7225_firmwareqcs8250_firmwareqcn7605csra6620qca6584auwcn3980qca1064_firmwarewcn7880_firmwareqcn6274snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)sa8150psnapdragon_ar1_gen_1_platform_\"luna1\"_firmwaresa8145p_firmwareqca6797aqqam8650p_firmwareqcn6224_firmwaresm8750_firmwareqca6564asmart_audio_400_platformsa8155pqcm6125snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)sw5100_firmwarewcd9385qca4024_firmwarewcd9380_firmwareimmersive_home_316_platform_firmwareqcn6024sm8750pqca6574awcd9340snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)wcn7880mdm9628wsa8845_firmwareqrb5165n_firmwarewcd9341sa7255pfastconnect_6200sg8275p_firmwareqca8337_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\)_firmwarecsra6640_firmwareqca6698aqqca6554a_firmwaresnapdragon_8c_compute_platform_\(sc8180x-ad\)_firmwarewsa8832qcc7225aqt1000_firmwaresnapdragon_ar1_gen_1_platform_firmwareqcn6224qcc2076snapdragon_7c\+_gen_3_computesnapdragon_ar1_gen_1_platformwcd9370qca8081_firmwareqcc710_firmwareqca6698aq_firmwarecsra6640apq8064au_firmwarefastconnect_6800qca6574a_firmwarewsa8832_firmwaresa8650psw5100psa4150psxr2230p_firmwarewcn7860qcc2076_firmwareqca6678aq_firmwareqcn9070immersive_home_216_platform_firmwaresm8550pmdm9640wcn7881_firmwareqcn9274_firmwareqcn6023_firmwareqcn9003qcn6102_firmwaressg2115p_firmwaresa8145pwsa8845h_firmwarewcd9395_firmwareapq8064auqca6678aqfastconnect_6900_firmwaresa8195pwsa8835_firmwaresa9000psa8295pipq5028wcd9390qcn9072_firmwarear8035snapdragon_888_5g_mobile_platformqcn6122sa8775p_firmwaresdx55_firmwareqcn7606_firmwareqam8775pqca6696_firmwareimmersive_home_214_platform_firmwareqca6797aq_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqcs8250qca6564au_firmwareapq8017sa8650p_firmwaresg8275_firmwareqcc711mdm9640_firmwareqcn9011_firmwaresxr2250p_firmwarewcn7881qca1062srv1mqcn9012_firmwarecsra6620_firmwarewcd9395qcn9012sxr2250pwsa8810_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcc7226_firmwarewcd9360qcn9002_firmwareqca6554awsa8840snapdragon_778g_5g_mobile_platformsxr1230pqcc7228_firmwareqcn7605_firmwarewcn7861_firmwarewsa8840_firmwareqcn7606snapdragon_8\+_gen_2_mobile_platform_firmwarefastconnect_6700_firmwareqcc711_firmwaresa8155_firmwaresg8275snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwares3_sound_platformfastconnect_6700qca6696wcn3950_firmwarewcn3980_firmwarewsa8845hqcn6100_firmwareqrb5165mrobotics_rb5_platformqcn6100sa4155p_firmwareqcn9100_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcn9074s5_sound_platform_firmwareqcn9011ssg2125p_firmwaresnapdragon_x5_lte_modem_firmwareqcn9274snapdragon_865_5g_mobile_platformqam8295p_firmwaresm7325pqcn6024_firmwareqfw7114wcd9326snapdragon_x55_5g_modem-rf_systemwcd9370_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresnapdragon_8_gen_1_mobile_platformar8035_firmwareqcn9000qcn9100wsa8845qcn6132snapdragon_865_5g_mobile_platform_firmwaremsm8996ausa8155wcn7860_firmwareqamsrv1hs5_gen_2_sound_platform_firmwareqcn9022sm8750qcm6125_firmwareqca6574snapdragon_xr2_5g_platformipq5010_firmwarewcn6740_firmwaresa6150p_firmwares5_sound_platformsa8255p_firmwareqcs7230_firmwaresm8750p_firmwaresxr1230p_firmwaresa6155snapdragon_782g_mobile_platform_\(sm7325-af\)sg8275ps3_sound_platform_firmwarerobotics_rb5_platform_firmwareqcn6122_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_ar1_gen_1_platform_\"luna1\"fastconnect_7800_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmwaresa7775pqca6584sxr2230psnapdragon_820_automotive_platformsa8620p_firmwarevideo_collaboration_vc1_platformsnapdragon_ar2_gen_1_platformqcs7230qca6175ahome_hub_100_platformsnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)sa8770pqrb5165nsrv1m_firmwarewcd9375qca6574_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareflight_rb5_5g_platform_firmwaresa8620psnapdragon_auto_5g_modem-rfapq8017_firmwareqcc7228sa6145p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqrb5165m_firmwareqca6430qcn9001qca6595_firmwareqam8775p_firmwareqca6391_firmwaresa8195p_firmwaresnapdragon_x65_5g_modem-rf_systemqca1064wcn6740qca8081qca6688aq_firmwarewcd9335_firmwaresw5100p_firmwaresa6155_firmwareqcn6112_firmwarecsrb31024_firmwaresa7775p_firmwareimmersive_home_318_platformsnapdragon_x75_5g_modem-rf_systemwcn7861wcd9335sa8775pwsa8815_firmwaresa9000p_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)wcd9390_firmwaremsm8996au_firmwarefastconnect_6900qam8255pqcn6274_firmwaresnapdragon_8c_compute_platform_\(sc8180x-ad\)fastconnect_6200_firmwarewsa8835sd865_5gfastconnect_6800_firmwareqca6175a_firmwarewcd9375_firmwareimmersive_home_318_platform_firmwareqca6564auqcn9074_firmwareflight_rb5_5g_platformsa6150pqca6595aus3_gen_2_sound_platform_firmwareqcc710ar8031_firmwareqcn9070_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwareimmersive_home_316_platformqcn9024_firmwaresa6155p_firmwaressg2125pqamsrv1mqca4024wcn3950sa4155psrv1h_firmwarefastconnect_7800qcs6125_firmwareqfw7124qcs6125sa6145psnapdragon_ar2_gen_1_platform_firmwareqfw7114_firmwares5_gen_2_sound_platformqcc2073_firmwareqca6174a_firmwareqca6564a_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)_firmwareqca6174asnapdragon_w5\+_gen_1_wearable_platform_firmwaresa4150p_firmwareqca8337sw5100snapdragon_auto_4g_modem_firmwareqcn6132_firmwarewsa8830csrb31024wsa8830_firmwareqca6574auqcn6023qca6430_firmwaresa8155p_firmwareipq5028_firmwareqca2066immersive_home_216_platformipq5010sa8770p_firmwareqca6420snapdragon_xr2_5g_platform_firmwareqca6595sd865_5g_firmwaresa8255pSnapdragon
CWE ID-CWE-126
Buffer Over-read
CVE-2021-1971
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.81%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to lack of physical layer state validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqca2066wsa8830qcn9070sa6150p_firmwaresa8145p_firmwareqcn5550qca1062_firmwareqca8337ipq8173_firmwareqca6431_firmwarecsrb31024wcd9360_firmwareqcn5124qca4024_firmwareqcn9072ipq8078asa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresa6155qca2064_firmwareqca2062ipq6000qcn5064ipq8072qcn5152_firmwareqca6426qca6584au_firmwareqcn9000_firmwareqca9984_firmwareipq5018sa415mwcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwareipq8076aqcn6024_firmwarewcn6745qsm8350_firmwareipq8074aqca2065qcn5124_firmwareqsm8350qca1064qca6428sa8155qca6574au_firmwareqcn5122_firmwareipq8071qcn5164_firmwareqca6595auqca8081_firmwareqcn6023_firmwaresa6155_firmwaresdx55_firmwarewcn3998_firmwareqca6420qca6436_firmwarewcd9360qca6438_firmwareipq5010qca6564au_firmwareqca6584auipq8070_firmwaresa6155p_firmwareipq8078a_firmwareipq8174sa515m_firmwaresdxr2_5gipq8072_firmwareqcn5052sa8155_firmwareipq6010sa415m_firmwaresc8280xp_firmwareqca6430qcn9074sa6145p_firmwareqca6421wcd9340sa8195pwsa8810_firmwareqca6694qca6436wcn6851sa6155pqca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca9888_firmwarewcd9341qca2066_firmwareqca6431qca6696_firmwareqca2065_firmwaresd870_firmwareqca1062qcn5154_firmwarear8035csr8811qca6390aqt1000qca6694_firmwaresa8150psd_8cxqcn9100_firmwarewsa8830_firmwaresd865_5g_firmwareipq5010_firmwareipq8074a_firmwareqca6438sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcn5121qcx315qcn5022_firmwareqca6564awcn6750_firmwareqca6428_firmwareipq5018_firmwareqca8072qca8337_firmwarewcd9380_firmwareqcn9000ipq8072aipq8076a_firmwaresd865_5gqca6595ipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn9012qcn5164wsa8835qca6574qcx315_firmwarecsr8811_firmwarewcd9380sd888_5gqcn5054_firmwareqcn5154qca8075_firmwareqca6574aqcn5024ipq6005_firmwarewcn6855_firmwareqca9889ipq8074qca8072_firmwareqca9888qca6430_firmwareqcn5052_firmwareqcn9012_firmwarewcn6750ipq8070a_firmwareipq6018_firmwareipq8076_firmwaresa515mqca6574_firmwarewcd9340_firmwarewsa8815wcn6850ipq8076qca6175asd_8c_firmwareqca6426_firmwareqca6574a_firmwareqca9984ipq6028qcn5021qcn5152qcn9024wcn6745_firmwareqcn5550_firmwareqca6391sdx55mqca6421_firmwareipq6005aqt1000_firmwareqca2062_firmwareqcn9100qcn5064_firmwarecsrb31024_firmwareipq8078_firmwareqcn5054qcn9070_firmwarewcn6851_firmwareipq8070ipq6028_firmwareipq8072a_firmwareipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122qca6564a_firmwareipq8174_firmwareqcn9024_firmwarewcd9341_firmwarewsa8810sd870qcn5121_firmwarewcn6855wcn6856sd_8cipq6018qcn5022sa6145pipq6010_firmwareqca6595_firmwareqca1064_firmwaresa8145pqca6696qca6391_firmwareqca2064qca4024sa6150psdx55qca8075qcn5021_firmwareqcn9022_firmwareqcn6024qcn9022sa8155psc8280xpipq8070aqcn9072_firmwareipq6000_firmwareipq8071_firmwareqcn9074_firmwareqca6175a_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2021-1914
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.35%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwareqcs610qca6431_firmwarewcd9360_firmwarewcn3950_firmwareqca6595au_firmwareqca6335msm8917sd_455_firmwareqcs605_firmwaresd_675_firmwareqcs6125_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360qca9367_firmwarewhs9410_firmwaremdm8207qcs6125sa8155_firmwareqca4004_firmwareqca6430wcd9306_firmwarewcd9340sd765gqualcomm215_firmwareqca6436wcn6851qcs603_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwareqca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxmdm9207_firmwareqca4004wsa8830_firmwaresd855_firmwaresd865_5g_firmwaresd712wcn3988msm8208_firmwarewcn6750_firmwaresd450wcn3610msm8608mdm9640wcn3991sda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwaresd439_firmwareqca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835sd730wcd9330_firmwaresdx55mqca6421_firmwaremsm8953sd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwaresdxr1apq8096aumdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresdx55apq8053sa8155psd675sd439wcn3660qca9379wcn3991_firmwaremdm9150_firmwarewsa8830sd678sm7250_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcn3615_firmwareapq8037sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208qca6310sa515m_firmwaresd429sdxr2_5gqca9367sdm630mdm9607_firmwaresd821msm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwareqca6694sd765_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000msm8976qca6694_firmwaresm6250_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315csr6030_firmwareqca6564aqcm6125_firmwaresd_675sd865_5gsdx24msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250psc8180xqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwarewcn6750mdm9205sa515mqca6574_firmwaresd855sd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009qca6391sdxr1_firmwareaqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaresd_455sc8180x_firmwareqca6574ausa8155p_firmwaremdm9607sd205_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwaresd768gqca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwaresd845apq8037_firmwaresd720g_firmwaresdx12qcs410_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-1941
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.81%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:35
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055qca2066sm7250sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca6431_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078asa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335qca2062qcn5064csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125ipq8076asd710_firmwaresd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420qca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareqca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430sc8280xp_firmwarewcd9340sd765gfsm10056_firmwareqca6436wcn6851sa6155pqca9888_firmwarewcd9341ipq8068_firmwareqca2066_firmwareqca6431qca6696_firmwarewcd9371sd870_firmwaresd750gqca1062qcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850sd7cpmp8074_firmwarewcn3910qca6320mdm9650_firmwaresd_8c_firmwareqca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwareqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9896qcn5502qca9994qca6164_firmwareqca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd870wcn6855qcn5121_firmwareqcs610_firmwaresa6145pipq6018qca9886_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca6164sdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwaresc8280xpqcn5021_firmwaresa8155pcsra6640sd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwareqca1062_firmwareqcs2290_firmwarefsm10056sm7250_firmwaresd7c_firmwarecsrb31024qca9563_firmwaremdm9650sd_636csra6620fsm10055_firmwareqcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareipq8069_firmwareqca6390_firmwareqca2064_firmwaresd690_5gipq6000qca6174_firmwaresd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareqca9377ipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareqca9563ipq8074aqca2065sd662qcn5124_firmwareqca9982qca1064sa8155qca6320_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausa6155p_firmwareqca6310ipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421sm6250sa8195pwsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aqca6174a_firmwareipq8071a_firmwareqcs4290_firmwarewcd9385qca2065_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811apq8064auipq4019qca6694_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqcm6125_firmwareqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qca9558_firmwareqca9896_firmwarewsa8835ipq8065_firmwaremsm8996ausd665_firmwaresm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwarewcn6855_firmwareqca9889qca6174aqca9888qca6310_firmwareipq8074qca9994_firmwareipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwaresd855sm4125_firmwaresd665ipq8076qca6175asd765qca9887qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwareqcm6125wsa8810qcn5500_firmwarewcn6856sd_8cqcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwareqca1064_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029qca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1953
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.35%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqca2066sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwareqcn5124qca4024_firmwarewcn3950_firmwaresc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335qca2062qcn5064sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125ipq8076aqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qca6438_firmwareipq8070_firmwarewhs9410_firmwareipq8078a_firmwarewcn3999ipq5028ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareqcs405qca6430sc8280xp_firmwarewcd9340sdm830_firmwaresd765gqca6436wcn6851sa6155pqcs603_firmwareqca9888_firmwareqcn6122wcd9341qca2066_firmwareqca6431qca6696_firmwarewcd9371sd870_firmwaresd750gqca1062qcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwaresd712wcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca9980_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwaresdx50m_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cpmp8074_firmwarewcn3910qca6320sd_8c_firmwareqca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwarewcn6745_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwareqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwarear8031_firmwareipq8078_firmwareqcn5054wcn6851_firmwareqcs603ipq8070qca9994qca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwaresd480sd870wcn6855qcn7605_firmwareqcn5121_firmwareqcs610_firmwaresa6145pipq6018sdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwaresc8280xpqcn5021_firmwaresa8155pcsra6640sd675ar8035_firmwareqcm2290qcn7606qcn5024_firmwarewcn3991_firmwarewsa8830sd678qcn9070sa8145p_firmwareqca1062_firmwareqcs2290_firmwaresd7c_firmwarecsrb31024sd_636csra6620qcn9072qca9992sd765g_firmwareqca6420_firmwareipq8069_firmwareqca6390_firmwareqca2064_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareqca9377ipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwareqcn7605wcn6745ipq8074aqca2065sd662qcn5124_firmwareqca1064sa8155qca6320_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310ipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca2065_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sc8180x\+sdx55_firmwaresm6250_firmwarecsr8811qcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqcm6125_firmwareqca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qcn6122_firmwarewsa8835sd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwarewcn6855_firmwareqca9889qca6174asm7325pqca9888qca6310_firmwareipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665ipq8076qca6175asd765qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwaresd850_firmwaresm7315sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100csrb31024_firmwaresdx50mqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaresd_455ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwareqcm6125wsa8810wcn6856sd_8cqcn5022sd835_firmwaresd768gipq6010_firmwareqca1064_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwaresm7250psdm830ipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029qca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30304
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.98%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwareqca2062_firmwareqca2066wcd9380_firmwarewsa8830wcd9385qca2066_firmwareqca2065_firmwarewcd9385_firmwarewcn6851_firmwarewcn6856_firmwareqca2064sc8280xp_firmwaresc8280xpwcn6850qca2065wsa8830_firmwarewsa8835wcn6850_firmwarewsa8835_firmwarewcd9380wcn6855wcn6851qca2064_firmwareqca2062wcn6856Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30340
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.41%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:10
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwaresd780gqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwarewcd9375_firmwareqca6595auqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqca6391sdx55mwcd9360qca6436_firmwarewcn6740_firmwaresd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarewcn6740qca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresdx55wsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30287
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.35%
||
7 Day CHG~0.00%
Published-13 Jan, 2022 | 11:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830sd678qca8337_firmwaresm6250p_firmwarewcd9380_firmwarewcn3990sd_675qca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835qcx315_firmwarewcn3950_firmwarewcd9380sd765g_firmwareqca6595au_firmwaresm6250pqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6574asd690_5g_firmwarewcn6855_firmwareqca6426wcn3990_firmwarewcn3980wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gsa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815wcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcn3980_firmwaresm7315wcd9360qca6436_firmwaresd730qca6391sdx55msdx65_firmwaresd678_firmwaresa515m_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausm6250wsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwaresd750gsd870_firmwareqca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375wcd9370_firmwaresm6250_firmwaresdx55sd888_firmwaresd675wsa8830_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250psd720g_firmwareqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2022-33294
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.44%
||
7 Day CHG-0.10%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL pointer dereference in Modem

Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206wcd9306snapdragon_wear_1300mdm8207snapdragon_wear_1200wcd9330mdm9207snapdragon_x5_lte_modem_firmwaremdm8207_firmwaresnapdragon_wear_1100mdm9205_firmwaremdm9205qca4004_firmwaremdm9206_firmwaremdm9207_firmwareqca4004qts110wcd9306_firmwaresnapdragon_wear_1100_firmwaresnapdragon_wear_1300_firmwarewcd9330_firmwaresnapdragon_wear_1200_firmwaresnapdragon_x5_lte_modemqts110_firmwareSnapdragon
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-28555
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.70%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:15
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Audio

Transient DOS in Audio while remapping channel buffer in media codec decoding.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqca8337wcn785x-5mdm9628_firmwarewcn3950_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresm8350wcd9370ssg2115pwcn685x-1sm8450wcn3998wcd9385_firmwareqam8295pwcn3950qcn6024_firmwaremdm9628sm6375_firmwareqam8295p_firmwareqca6574au_firmwaresdx55_firmwareqca6595auwcn3998_firmwareqca8081_firmwaresm6225-adwcd9375_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresm6225sm6225-ad_firmwaresa4155p_firmwarewcn3988_firmwaresa6145p_firmwaresa8195pwsa8810_firmwaresm8450_firmwaresw5100snapdragon_ar2_gen_1_platform_firmwaresa6155psg4150pqca8081qcm4490wcn685x-1_firmwarewcd9385qca6696_firmwarear8035sm4350_firmwarewcd9375sa8150pwsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475sa8295p_firmwareqca6564awcn6750_firmwaresg4150p_firmwaresa4150pwcn785x-1qcm4325sm6375wcn3991qca8337_firmwarewcd9380_firmwaressg2125psw5100psd865_5gsnapdragon_w5\+_gen_1_wearable_platformqca6564ausm8350-ac_firmwarewsa8835qca6574sxr1230p_firmwaresnapdragon_auto_5g_modem-rfwcd9380ssg2125p_firmwareqca6574awcn685x-5_firmwaresxr1230pwcn6750wcn3980qcm4325_firmwareqca6574_firmwarewsa8815sxr2230psnapdragon_xr2_5g_platform_firmwaresm4450qca6574a_firmwareqcn9024wcn785x-5_firmwarewcn3980_firmwaresa8295psm8475_firmwarewcn6740_firmwareqcm4490_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwsa8832_firmwaresm8350_firmwarewcn685x-5sm6225_firmwarewcn785x-1_firmwareqca6574ausa8155p_firmwareqca6564a_firmwareqcn9024_firmwarewsa8810wsa8832sw5100p_firmwaresnapdragon_ar2_gen_1_platformsa6145psm8350-acqcs4490sa8145pwcn6740qca6696sa4150p_firmwaresm4350wcd9370_firmwaresm4350-ac_firmwaresa6150psdx55sa8155pqcn6024ssg2115p_firmwaresw5100_firmwaresa4155par8035_firmwareSnapdragonqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwaremdm9628_firmwaresxr1230p_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcd9385_firmwareqcn6024_firmwareqcm4325_firmwareqca6574_firmwaresd_8_gen1_5g_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9375_firmwareqca8081_firmwarewcn3980_firmwaresnapdragon_680_4g_mobile_platform_firmwarewcn6740_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm4490_firmwareqcs4490_firmwarewsa8832_firmwaresa4155p_firmwarefastconnect_6900_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwareqca6564a_firmwareqcn9024_firmwarewsa8810_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6696_firmwaresa4150p_firmwarewcd9370_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwaresa8295p_firmwaresg4150p_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33305
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.21%
||
7 Day CHG+0.02%
Published-02 May, 2023 | 05:08
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null pointer dereference in Modem

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830sm7325-ae_firmware315_5g_iot_modem_firmwareqcs2290_firmwareqca8337wcn785x-5wcd9360_firmwarecsra6620sm7250-ac_firmwareqcs4290wcn3950_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresnapdragon_x70_modem-rf_systemsm8350wcd9370csra6620_firmwarecsra6640_firmwaresm6115wcn685x-1qcs400_firmwaresm7350-ab_firmwaresm8450sm4375wcn3998sm8250-abwcd9385_firmwarewcn3950qcn6024_firmwaresm6375_firmwaresm7325-afsm7315_firmwaresm7325-aesnapdragon_x55_5g_modem-rf_systemsdx55_firmwaresm4250-aaqca6595auwcn3998_firmwareqca8081_firmwaresm6225-adsm7250p_firmwaresm7325-af_firmwarewcd9375_firmwarewcd9360sm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresm6225snapdragon_x70_modem-rf_system_firmwaresm6225-ad_firmwareqcs6490sm8250_firmwaresm7250-ab_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemsm7250-aawsa8810_firmwaresm4375_firmwaresm8450_firmwaresw5100wcd9335sg4150pqca8081wcn685x-1_firmwareqcs4290_firmwarewcd9341wcd9385qca6696_firmwareqcs6490_firmwareqca6390ar8035sm4350_firmwarewcd9375wcn3910_firmwaresm8250-ac_firmwarewsa8830_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqcm6490wcn3988wsa8815_firmwarewsa8835_firmwaresm4250-aa_firmwaresm7350-absm8475wcn6750_firmwaresg4150p_firmwarewcn785x-1qcm4325qcm2290_firmwaresm6375sm6115_firmwareqca8337_firmwarewcd9380_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformsm8350-ac_firmwaresd888wsa8835snapdragon_7c\+_gen_3_computesnapdragon_auto_5g_modem-rfwcd9380qca6574awcn685x-5_firmwaresm7325psm7325wcn6750wcd9335_firmwarewcn3980qcm4325_firmwaresm7250-abwsa8815sm7325p_firmwarewcn3910sdx57m_firmwareqca6574a_firmwareqcn9024wcn785x-5_firmwaresm7315sm8250-ab_firmwareqca6391snapdragon_x55_5g_modem-rf_system_firmwarewcn3980_firmwaresm6350sm8475_firmwarewcn6740_firmwaresnapdragon_x65_5g_modem-rf_systemqcm4290qcm6490_firmwaresm8350_firmwarewcn685x-5sm6225_firmwaresm6350_firmwarewcn785x-1_firmwareqcn9024_firmwaresdx57mwcd9341_firmwareqcm4290_firmwaresm7250-aa_firmwarewsa8810sm7250-acsw5100p_firmwaresm8350-acwcn6740qca6696qca6391_firmwaresm4350wcd9370_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresm8250csra6640qcn6024sm7250psw5100_firmwareqcs400ar8035_firmwareqcm2290sm7325_firmwareSnapdragon
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-25858
Matching Score-8
Assigner-JFrog
ShareView Details
Matching Score-8
Assigner-JFrog
CVSS Score-7.5||HIGH
EPSS-2.72% / 86.12%
||
7 Day CHG~0.00%
Published-15 Oct, 2020 | 15:11
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior to versions released in October 2020 does not validate the return value of a strstr() or strchr() call in the Tokenizer() function. An attacker who invokes the web interface with a crafted URL can crash the process, causing denial of service. This version of QCMAP is used in many kinds of networking devices, primarily mobile hotspots and LTE routers.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-qualcomm_mobile_access_pointQualcomm QCMAP
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-25670
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.91%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678mdm9640_firmwaresm6250p_firmwarewcn3998_firmwareqcs2290_firmwareqca8337mdm9628_firmwaremdm9650sdx65csra6620qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwareapq8009_firmwaresa6155msm8917sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6426sd632wcn3990_firmwareqrb5165n_firmwareqca9377wcn3998sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125mdm9628sd720gwcd9326_firmwarewcn3615_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd662sd460_firmwareqca4020sa8155qca6584qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auqca8081_firmwaresa6155_firmwaresdx12_firmwaremsm8909wsm7250p_firmwareapq8009w_firmwareqca6420qca6436_firmwareapq8053_firmwareqrb5165nwcn3610_firmwaresm7450_firmwareqca6564au_firmwaresa6155p_firmwareqca9367_firmwarepm8937wcn3999wcn7851sd429qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqca9367sa8155_firmwaresd662_firmwaremdm9607_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresd429_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca4020_firmwareqca6436wcd9326sa6155pwcd9335wcn6851qca8081wcn7851_firmwaremsm8937qca6174a_firmwareqcs4290_firmwarewcd9385wcd9341wcn3660_firmwarepm8937_firmwareqca6696_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwaresdx20_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm7450apq8017sm8475qca6564awcn6750_firmwaresd450wcn3610mdm9640qcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd865_5gwcn3615qca6564ausdx55m_firmwarewcn6856_firmwarewcd9375_firmwaremsm8909w_firmwareqca6574sd632_firmwarewsa8835wcd9380sd888_5gsm6250pwcn3999_firmwarequalcomm215qca6574asd690_5g_firmwarewcn6855_firmwareqca9379_firmwareqca6174aqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwarewcn6750qca6574_firmwareqcs605sd855sm4125_firmwarewcn6850wsa8815wcn3910qca6584_firmwaremsm8937_firmwaremdm9650_firmwareqca6175asd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwareqrb5165mwcn3980_firmwareapq8009qca6391sd460sd730sdx55msm8475_firmwareaqt1000_firmwaremsm8953sdx65_firmwaremdm9626sd678_firmwarear8031_firmwareqcm4290wcn3680_firmwarewsa8832_firmwaresdx20qrb5165wcn6851_firmwaremdm9626_firmwareqca6574ausa8155p_firmwaremdm9607qca6564a_firmwareapq8009wwcd9341_firmwareqcm4290_firmwaresd870wsa8810wcn6855wsa8832wcn6856sa6145pwcn3680bsd768gapq8096auar8031qcs405_firmwareqca6696qca6391_firmwarewcd9370_firmwaresdw2500sdx55apq8053apq8096au_firmwarecsra6640sa8155psd675sd439sm7250psd720g_firmwaresdx12wcn3660sm8475p_firmwareqca9379qca6175a_firmwarear8035_firmwareqcm2290sm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21658
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.17% / 37.05%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-Read in WLAN Firmware

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca2066qca8337ar9380ipq8173_firmwareqam8775pqcn5124qca4024_firmwareimmersive_home_318_platform_firmwarewcn3950_firmwareipq8078aipq5028_firmwareqca6595au_firmwareqca2062sm8350wcn685x-1sm7350-ab_firmwareqca6554a_firmwareqam8295pwcn3950ipq8076aqca8386_firmwareqcn6024_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwarewcn3660bqca8084_firmwareqsm8350_firmwareqsm8350qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwareqcn9002qca9986snapdragon_auto_5g_modem-rf_firmwareipq8065ipq8078a_firmwareqca6678aq_firmwareipq5028qca6698aqipq6010ipq8068qcn6132qca6436qca6698aq_firmwarewcn685x-1_firmwareqca9888_firmwareqam8775p_firmwareipq8068_firmwareqca2066_firmwareqcn6122qca6696_firmwaresa8255pipq9008_firmwareqcn5154_firmwareqca6797aqsm8250-ac_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresm8475qcn5022_firmwarewcn6750_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwareqca9985_firmwareqca8337_firmwarewcd9380_firmwaressg2125pipq8072aqca9980_firmwaresdm429wipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcn9001_firmwareipq9008qcn5164sdm429qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024sxr1230pqca8072_firmwareqca9985qcn5052_firmwareqcn9274_firmwareqcc2073_firmwareipq6018_firmwarewsa8815qcn6112sdm429_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064qcn9024ipq9574_firmwareipq8064_firmwaresa8295psm8475_firmwareqca2062_firmwarewcn6740_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformqca6678aqsnapdragon_x65_5g_modem-rf_systemipq8078_firmwareqcn5054sm8350_firmwareqca9994qca6797aq_firmwarewcn785x-1_firmwareqca9980qcn9024_firmwareipq8174_firmwarewsa8832ipq6018qca9886_firmwareimmersive_home_214_platformqcs4490qca6595_firmwaresc8280xp-bbqca6391_firmwareimmersive_home_214_platform_firmwareqca2064qca4024wcd9370_firmwaresd888_firmwaresm8250ssg2115p_firmwareqam8255par8035_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqam8650pwcn785x-5qca8082qcn9072qca8386sc8280xp-bb_firmwareqca9992qca6390_firmwareqca2064_firmwareipq6000wcd9370ssg2115pqcn5152_firmwareqca6426sc8280xp-abqca6584au_firmwareqcn9000_firmwareqca9984_firmwaresm8450sm8250-abwcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqca8082_firmwaresnapdragon_x55_5g_modem-rf_systemqcn5122_firmwareqca6595auqcn6023_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcn9274ipq8174qca9990qcn9001qcs6490qcn5052qcs8550_firmwaresm8250_firmwareqcn6112_firmwaresm8250-acqcn9074qca8085wsa8810_firmwaresm8450_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwareqca8081ipq8071aqcm4490qcn6023ipq8071a_firmwarewcd9385qca8085_firmwaresxr2130_firmwareqca2065_firmwareqcs6490_firmwareqca6390ar8035csr8811wcd9375qcn9100_firmwarewcn3620_firmwareipq5010_firmwareipq8074a_firmwareqcm6490wsa8815_firmwarewcn3620wsa8835_firmwaresm7350-abwcn785x-1qca8072qcn9000qca6554asd865_5gqca6595ar9380_firmwaresm8350-ac_firmwaresd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresdm429w_firmwarewsa8835snapdragon_auto_5g_modem-rfsd_8_gen1_5gqcn5154qca8075_firmwaressg2125p_firmwareqca6574asxr2130wcn685x-5_firmwareqca9889qcn6132_firmwareqcn9003_firmwareqca9888wcn6750qca9994_firmwareqcc2076_firmwareipq8070a_firmwareqcn9003ipq8076_firmwareqca6574_firmwareqca9886sxr2230pipq8076snapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqcn5152wcn785x-5_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391sc8280xp-ab_firmwareqcn6102qcn9100qcm4490_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca6574auqca9889_firmwareipq9574qcn5122wsa8810snapdragon_ar2_gen_1_platformqcn5022sm8350-acqam8650p_firmwareipq6010_firmwarewcn6740qca6696qcs8550qca8075qcn9022_firmwareqcn6024qcn9022qcc2076qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcc2073Snapdragonqcn5024_firmwareqam8255p_firmwareqca9985_firmwareqca8337_firmwareqca9980_firmwareipq8076a_firmwareipq8173_firmwarear9380_firmwareqcn9001_firmwareqca4024_firmwareqcn6122_firmwareipq8065_firmwaresdm429w_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwaresnapdragon_888_5g_mobile_platform_firmwareipq5028_firmwareqca6595au_firmwareqcn5054_firmwareqca2064_firmwareqca8075_firmwareqcn5152_firmwareqcn6132_firmwareqcn9003_firmwareqca6584au_firmwareqca8072_firmwareqcn9000_firmwareqca9984_firmwareqca9994_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareqca6554a_firmwareipq8070a_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareipq6018_firmwaresd_8_gen1_5g_firmwareipq8076_firmwareqca6574_firmwareqca8084_firmwareqsm8350_firmwareqcn5124_firmwareqam8295p_firmwareqca9986_firmwareqcn6100_firmwareqcn6102_firmwareqca6426_firmwareqca8082_firmwaresnapdragon_429_mobile_platform_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6436_firmwareipq8064_firmwareqca2062_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcm4490_firmwareipq8078a_firmwareqca6678aq_firmwareqcs4490_firmwareqcm6490_firmwareipq8078_firmwareqcn9070_firmwarefastconnect_6900_firmwareqcs8550_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqca6797aq_firmwareqca9889_firmwarefastconnect_6700_firmwareqcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqca9886_firmwareipq8071a_firmwareqam8650p_firmwareqca9888_firmwareqca8085_firmwareqam8775p_firmwareipq8068_firmwareqca2066_firmwareqca6696_firmwareqca2065_firmwareqcs6490_firmwareipq6010_firmwareqca6595_firmwareipq9008_firmwareqca6391_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwaresd888_firmwareqcn9100_firmwareqcn9022_firmwareqca9992_firmwaresd865_5g_firmwareqca9990_firmwareipq5010_firmwareipq8074a_firmwareqcn9002_firmwareqcn9072_firmwaresnapdragon_780g_5g_mobile_platform_firmwareipq6000_firmwaresnapdragon_865_5g_mobile_platform_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcn5022_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-22091
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.18%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55qcs2290qca6595au_firmwareqca6335msm8917qcs605_firmwaresd_675_firmwaresd780qcs6125_firmwaresd632sa415mwcn3998wcd9371_firmwaresd_8cx_gen2_firmwaresm4125sd720gwcn3950sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwaresm7315_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwareqca6420apq8053_firmwarewcd9360sm7450_firmwaresd680_firmwaresd_8cx_gen2qcs6125sd662_firmwareqca6430wcd9340qualcomm215_firmwaresw5100qca6436sd680wcn6851sd778_firmwareqcs603_firmwarewcn7851_firmwaresd768_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresm8475wcn6750_firmwaresd768sd450wcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaresd670_firmwaresd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6426_firmwarewcn3660b_firmwaresd695wcn3980_firmwaresd730sdx55mqca6421_firmwaresm8475_firmwarewcn6740_firmwaremsm8953sd678_firmwarewcn6851_firmwareqcs603sd_636_firmwaresd670qcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresd695_firmwaresdxr1sdm630_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sd675sd439wcn3660sm8475p_firmwarear8035_firmwareqcm2290wcn3991_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024sd_636qcs4290qca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6426wcn3990_firmwareqca9377wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662wcn3680b_firmwaresdx55_firmwareqca6595auwcn3615sm7250p_firmwareqca6436_firmwareqca6564au_firmwareqca6310sa515m_firmwaresd429wcn7851sdxr2_5gsdm630sa415m_firmwarewcn3988_firmwaresd429_firmwareqca6421sd712_firmwaresm6250apq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385ar8035qca6390sd750g_firmwareaqt1000wcd9375sc8180x\+sdx55_firmwaresm6250_firmwaremsm8953_firmwaremsm8917_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewsa8835_firmwaresm7450apq8017qcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780_firmwaresd865_5gsdx24sd888wsa8835sd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174aqca6310_firmwarewcn6750sd778sa515msd855sm4125_firmwaresd665sd765qca6574a_firmwaresd850_firmwaresm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920sdx65_firmwareqcm4290csrb31024_firmwarewsa8832_firmwaresdx20sd480_firmwaremsm8920_firmwareqca6574ausd710wcd9341_firmwareqcm6125wsa8810wcn6856wcn3680bwcn6740qca6696sd845_firmwaremsm8940sd845sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresd850sm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2023-33019
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.71%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Authorization in WLAN Host

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_653_firmwaresnapdragon_429_firmwaresnapdragon_x20_ltemdm9628_firmwaremdm9650snapdragon_208csra6620smart_audio_400snapdragon_wear_2100snapdragon_212snapdragon_439mdm9250qca6595au_firmwaresnapdragon_wear_4100\+csra6620_firmwaresnapdragon_617_firmwareapq8076csra6640_firmwaresnapdragon_653snapdragon_x5_lteqca6584au_firmwareapq8076_firmwaresnapdragon_632msm8108qca9377qca6554a_firmwaremsm8108_firmwarewcd9326_firmwarefastconnect_6200mdm9628wcn3615_firmwaresnapdragon_wear_2500snapdragon_212_firmwarewcn3660bsnapdragon_626_firmwaresnapdragon_650snapdragon_617qca6584qca6574au_firmwarewcn3680b_firmwareqca6595ausmart_audio_200wcn3615snapdragon_x5_lte_firmwaremsm8909wwcn3610_firmwaresdx20mqca6564au_firmwareqca6584ausnapdragon_626qca9367_firmware9206_lte_firmwareqca9367apq8056_firmwaresnapdragon_450_firmwaresnapdragon_652_firmwarec-v2x_9150apq8017_firmwaresd626_firmwarewsa8810_firmware205wcd9326wcd9335snapdragon_x20_lte_firmwaresnapdragon_1200apq8052msm8209_firmwareqca6174a_firmwaremdm9250_firmwarewcn3660_firmwareqca6696_firmwaresnapdragon_210_firmwarehome_hub_100snapdragon_450apq8056wcn3620_firmwarewsa8815_firmwarewcn3620snapdragon_820apq8017qca6564avision_intelligence_200_firmwarewcn3610snapdragon_wear_2500_firmwaremsm8608sdm429wmsm8996au_firmwareqca6554asnapdragon_425_firmwaresnapdragon_x12_lte_firmwarewcd9330qca6595snapdragon_1200_firmwareqca6564aumsm8909w_firmwareqca6574msm8996au215_firmwaresdm429w_firmwaresnapdragon_650_firmwaresnapdragon_auto_5g_firmwaresnapdragon_652qca6574asnapdragon_auto_5gqca9379_firmware9206_lteqca6174asnapdragon_210snapdragon_wear_3100c-v2x_9150_firmwaresd626snapdragon_wear_2100_firmwarewcd9335_firmwareapq8052_firmwarewcn3980home_hub_100_firmwaresnapdragon_625qca6574_firmwarevision_intelligence_200wsa8815qca6584_firmwaremdm9650_firmwareqca6175asnapdragon_208_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwarefastconnect_6200_firmwaremsm8209wcn3980_firmwarewcd9330_firmwarevision_intelligence_100snapdragon_632_firmwaresnapdragon_625_firmwaresmart_audio_200_firmware205_firmwaresnapdragon_wear_4100\+_firmwarear8031_firmwarewcn3680_firmwaresmart_audio_400_firmwaresnapdragon_820_firmwareqca6574auqca6564a_firmwaresdx20m_firmwarewsa8810215smart_display_200_firmwaresnapdragon_429snapdragon_439_firmwaresnapdragon_x12_ltesnapdragon_wear_3100_firmwarewcn3680bar8031qca6595_firmwareqca6696snapdragon_425msm8608_firmwaresmart_display_200csra6640wcn3660qca9379qca6175a_firmwarevision_intelligence_100_firmwareSnapdragonqca9377_firmwaremsm8996au_firmwaremdm9628_firmwaresnapdragon_820_automotive_platform_firmwaremsm8909w_firmwaresnapdragon_wear_2100_platform_firmwaresdm429w_firmwaresnapdragon_x20_lte_modem_firmwaresnapdragon_653_mobile_platform_firmwareqca6595au_firmwaresnapdragon_450_mobile_platform_firmwarecsra6620_firmwaresnapdragon_425_mobile_platform_firmwarecsra6640_firmwareqca9379_firmwareqca6584au_firmwareapq8076_firmwarec-v2x_9150_firmwarewcd9335_firmwareapq8052_firmwareqca6554a_firmwaremsm8108_firmwarewcd9326_firmwarewcn3615_firmwaresnapdragon_1200_wearable_platform_firmwareqca6574_firmwareqca6584_firmwaremdm9650_firmwaresnapdragon_439_mobile_platform_firmwarewcn3660b_firmwaresnapdragon_429_mobile_platform_firmwareqca6574a_firmwareqca6574au_firmwaresnapdragon_208_processor_firmwarewcn3680b_firmwaresnapdragon_212_mobile_platform_firmwarefastconnect_6200_firmwarewcn3980_firmwarewcd9330_firmwarewcn3610_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca9367_firmwaresmart_audio_400_platform_firmwaresnapdragon_632_mobile_platform_firmwaresnapdragon_x5_lte_modem_firmwarear8031_firmwarewcn3680_firmwareapq8056_firmware9206_lte_modem_firmwaresmart_audio_200_platform_firmwareqca6564a_firmwareapq8017_firmwaresd626_firmwaresnapdragon_626_mobile_platform_firmwarewsa8810_firmwaresdx20m_firmwarehome_hub_100_platform_firmwaremsm8209_firmwarequalcomm_215_mobile_platform_firmwareqca6174a_firmwaresnapdragon_617_processor_firmwaremdm9250_firmwarequalcomm_205_mobile_platform_firmwarewcn3660_firmwaresnapdragon_wear_2500_platform_firmwareqca6696_firmwareqca6595_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_650_mobile_platform_firmwaremsm8608_firmwaresnapdragon_210_processor_firmwaresnapdragon_652_mobile_platform_firmwarewcn3620_firmwarewsa8815_firmwaresnapdragon_wear_3100_platform_firmwareqca6175a_firmwaresnapdragon_625_mobile_platform_firmware
CWE ID-CWE-285
Improper Authorization
CVE-2023-33015
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.65%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca2066sa6150p_firmwareipq4028_firmwaresc8180x-ab_firmwareqca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwareqcn5124qca4024_firmwarewcn3950_firmwaresnapdragon_8_gen_1sc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335qca2062snapdragon_x55_5gsnapdragon_xr2\+_gen_1sc8180xp-adqca6554a_firmwareqam8295pwcn3950qcn6024_firmwareipq8076asd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350snapdragon_x65_5g_firmwaresm7315_firmwaresnapdragon_778g\+_5gqca6428snapdragon_x55_5g_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6420wcd9360snapdragon_xr2_5gqca6438_firmwareqca9986snapdragon_888_5gipq8070_firmwaresc8180xp-afipq8065ipq8078a_firmwareqca6678aq_firmwareqrb5165m_firmwareipq5028ipq4029_firmwaresc8180xp-aa_firmwareqca6698aqsa8155_firmwareipq6010ipq8068qca6430snapdragon_870_5gsnapdragon_778g\+_5g_firmwarewcd9340qcn6132qca6436sa6155pqca6698aq_firmwaresnapdragon_865\+_5g_firmwareqca9888_firmwareqcn6122wcd9341sa8255pipq8068_firmwareqca6696_firmwareqca2066_firmwareqca6431sc8180xp-ab_firmwareqca1062sc8180x-abqcn5154_firmwareqca6797aqsa8150psnapdragon_auto_4g_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresnapdragon_778g_5gqca6438sa8195p_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresnapdragon_865_5g_firmwareqca9898sa8295p_firmwareipq4028qca6428_firmwareqca9985_firmwareimmersive_home_216_firmwareipq4018_firmwareqca8337_firmwaressg2125pwcd9380_firmwareipq8072aqca9980_firmwareimmersive_home_214_firmwareipq8076a_firmwareipq8078qca6564auipq8173snapdragon_8_gen_1_firmware315_5gqcn5164snapdragon_ar2_gen_1qca6574csr8811_firmwarewcd9380sc8180xp-aafastconnect_6700qcn5054_firmwareqcn5024snapdragon_auto_5gsxr1230psc8180xp-ad_firmwareqca9985qcn9012_firmwareqca8072_firmwaresc8180x-ac_firmwareqca6430_firmwareqcn5052_firmwarewcn3980qca6335_firmwareipq6018_firmwarewcd9340_firmwarewsa8815pmp8074_firmwaresnapdragon_xr2\+_gen_1_firmwareqca9986_firmwareqcs8250qca6426_firmwareqca9984ipq6028ipq8064sc8180x-adpmp8074qcn9024wcn3980_firmwaresnapdragon_888_5g_firmwareipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcs4490_firmwareqca6678aqipq8078_firmwarefastconnect_6900qcn5054fastconnect_6900_firmwareipq8070immersive_home_318qca9994qca6797aq_firmwareqca9980qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_1_firmwarewsa8832sc8180xp-ac_firmwareqcn7605_firmwareqsm8250sa6145pipq6018qca9886_firmwareqcs4490qca6595_firmwaresa8145psc8280xp-bbqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sdx55sd888_firmwareqcn5021_firmwaresa8155pssg2115p_firmwareqam8255par8035_firmwareqsm8250_firmwareqcn7606qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwaresa8145p_firmwaresnapdragon_x65_5gqca1062_firmwareimmersive_home_318_firmwarecsrb31024snapdragon_7c\+_gen_3_firmwareqcn9072sc8280xp-bb_firmwareqca9992qca6420_firmwareipq8069_firmwareqca2064_firmwarewcd9370immersive_home_216ssg2115pqcn5152_firmwareqca6426sc8280xp-abqca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcd9385_firmwareqcn7605snapdragon_782g_firmwarefastconnect_6200snapdragon_780g_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqca1064qcn9011_firmwareflight_rb5_5g_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nsnapdragon_888\+_5gipq5010immersive_home_214qca6564au_firmwareqca6584ausa6155p_firmwareqca6310ipq8174qca9990qcs6490qcn5052qcs8550_firmwaresnapdragon_778g_5g_firmwareqcn9074sa6145p_firmwareqca6421fastconnect_6700_firmwaresa8195pwsa8810_firmwarerobotics_rb5sa8255p_firmwaresnapdragon_780g_5gqca8081qcm4490qcn6023ipq8071aipq8071a_firmwarewcd9385sxr2130_firmwaresnapdragon_auto_4gqcs6490_firmwareqca2065_firmwareimmersive_home_316_firmwaresc8180x-acsnapdragon_xr2_5g_firmwareqca9898_firmwarewcd9375ar8035aqt1000csr8811sc8180x\+sdx55_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwareqcm6490wsa8835_firmwaresa4150pqca8072snapdragon_865_5gqcn9000qca6554asd865_5gfastconnect_6800qca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresnapdragon_auto_5g_firmwarewsa8835sd_8_gen1_5gsnapdragon_7c\+_gen_3snapdragon_865\+_5gqcn5154qca8075_firmwaresc8180xp-acsxr2130ssg2125p_firmwareipq4018qca6574aqca9889sc8180x-afsm7325pqcn6132_firmwareqca9888qca6310_firmwareipq8074qca9994_firmwaresnapdragon_8\+_gen_1ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886snapdragon_888\+_5g_firmwaresm7325p_firmwaresxr2230pipq8076snapdragon_782g315_5g_firmwareqca6574a_firmwarefastconnect_6200_firmwareipq8069qcn5021qcn5152qrb5165msm7315qca6391sc8280xp-ab_firmwarefastconnect_7800aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_ar2_gen_1_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sc8180xp-af_firmwareipq8074_firmwareimmersive_home_316qca9889_firmwareqca6574ausa8155p_firmwareqcn5122qcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810sc8180x-aa_firmwarerobotics_rb5_firmwareqcn5022sc8180x-aaipq6010_firmwaresc8180x-af_firmwareqca1064_firmwarewcn6740qca6696qcs8550sc8180xp-absa6150pqca8075qcn9022_firmwaresnapdragon_870_5g_firmwareqcn6024qcn9022qca9990_firmwareflight_rb5_5gipq8070asc8180x-ad_firmwareqcn9072_firmwareqcn9074_firmwareipq4029Snapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33099
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.10%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:05
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Multi-Mode Call Processor

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6431qcm8550_firmwarewsa8845_firmwaresd865_5gwsa8832snapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresdx57m_firmwaresxr2130_firmwarewcd9370qca8081_firmwaresnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwareqca6696snapdragon_778g\+_5g_mobilesnapdragon_x70_modem-rf_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024sd888_firmwareqcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilesnapdragon_782g_mobile_firmwarewsa8815_firmwarewsa8832_firmwareqca8337_firmwareqca8337qca6426_firmwarewcd9395sg8275p_firmwareqcm6490_firmwaresnapdragon_690_5g_mobile_firmwaresm7250p_firmwarewcd9341qcm4490_firmwarewcd9390snapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwarewsa8845h_firmwaresnapdragon_870_5g_mobile_firmwaresnapdragon_778g_5g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_690_5g_mobilefastconnect_6800_firmwareqcs5430snapdragon_778g\+_5g_mobile_firmwaresnapdragon_870_5g_mobileqcn6024_firmwareqcm5430sm7250pqcm5430_firmwareqca6584auqcn6274_firmwaresd888qcc710snapdragon_xr2_5g_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmware315_5g_iot_modem_firmwarefastconnect_7800_firmwarefastconnect_6900snapdragon_865_5g_mobile_firmwareqep8111qfw7114wcd9385_firmware315_5g_iot_modemqca6421fastconnect_6900_firmwarewcd9380wcd9360snapdragon_xr2_5gsnapdragon_x65_5g_modem-rfqcs4490wsa8845qca6421_firmwaresnapdragon_auto_5g_modem-rf_firmwarewsa8810snapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformqca6595ausnapdragon_888_5g_mobilesnapdragon_4_gen_1_mobile_firmwaresm7315_firmwarewsa8840sd855qcs8550_firmwaresnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqca6431_firmwaresm7315snapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6698aq_firmwareqca6436_firmwaresnapdragon_4_gen_2_mobile_firmwaresnapdragon_888\+_5g_mobilewcd9385snapdragon_8_gen_1_mobilesnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobilesnapdragon_865\+_5g_mobileqep8111_firmwaresg8275psnapdragon_855\+_mobilewcd9370_firmwaresdx55_firmwaresnapdragon_765_5g_mobilesnapdragon_860_mobilesnapdragon_auto_5g_modem-rfqca6574asnapdragon_8\+_gen_2_mobilesxr2130qcm4490qca6174asnapdragon_x65_5g_modem-rf_firmwarewcd9340snapdragon_480\+_5g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwareqcm6490sm7325psm8550p_firmwareqcm8550wcn3988qcs6490_firmwaresnapdragon_765_5g_mobile_firmwareqcn9024qca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124snapdragon_x70_modem-rfwsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwaresnapdragon_855_mobile_firmwareqca6696_firmwareqcn9024_firmwaresdx57mwsa8845hwcd9380_firmwareqca8081wsa8815snapdragon_765g_5g_mobile_firmwarewsa8830sm8550psnapdragon_x75_5g_modem-rfsnapdragon_768g_5g_mobile_firmwarear8035qca6574a_firmwaresdx55snapdragon_4_gen_1_mobilesnapdragon_4_gen_2_mobilesnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwarewcd9375_firmwareqca6391qcn6224snapdragon_865\+_5g_mobile_firmwareqcs5430_firmwareqca6698aqwcn3950_firmwareqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sm7325p_firmwaresd865_5g_firmwarewcd9360_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_765g_5g_mobilewcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwareqcs6490snapdragon_695_5g_mobilesnapdragon_8_gen_3_mobilesnapdragon_855_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragonqca8337_firmwareqcm4490_firmwareqcm8550_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_778g_5g_mobile_platform_firmware315_5g_iot_modem_firmwareqcm6490_firmwaresg8275p_firmwareqca6431_firmwarefastconnect_6900_firmwareqcs8550_firmwareqcn6224_firmwarefastconnect_6700_firmwareqcn9024_firmwarefastconnect_7800_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareqca6698aq_firmwareqcm5430_firmwareqca6174a_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqca6696_firmwareqcs6490_firmwareqfw7114_firmwareqcs5430_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqca6391_firmwareqcn6024_firmwaresm8550p_firmwaresd888_firmwareqcc710_firmwaresm7325p_firmwaresdx57m_firmwaresd855_firmwaresd865_5g_firmwareqca6426_firmwaresm7315_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_695_5g_mobile_platform_firmwaresdx55_firmwaresnapdragon_780g_5g_mobile_platform_firmwareqca8081_firmwarefastconnect_6800_firmwareqfw7124_firmwaresm7250p_firmwareqca6436_firmwarear8035_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6421_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-33040
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 34.64%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-03 Jun, 2025 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Data Modem

Transient DOS in Data Modem during DTLS handshake.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca8337qca6431_firmwaresnapdragon_778g\+_5g_mobile_platformsnapdragon_870_5g_mobile_platform_firmwarewcd9360_firmwaresnapdragon_888_5g_mobile_platformwcn3950_firmwaresc8180x\+sdx55sa8150p_firmwaresm4450_firmwareqcs2290qca6595au_firmwaresa6155snapdragon_480_5g_mobile_platformsnapdragon_x70_modem-rf_systemcsra6620_firmwaresd_675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcd9371_firmwarewcn3950qcn6024_firmwaresnapdragon_460_mobile_platformsd460_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwareqca8081_firmwaresa6155_firmwarewcd9375_firmwareqca6420wcd9360snapdragon_782g_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwaresmart_audio_400_platform_firmwareqca6698aqqcs6125sa8155_firmwaresd662_firmwaresnapdragon_765g_5g_mobile_platformqca6430snapdragon_678_mobile_platform_firmwaresnapdragon_8\+_gen_1_mobile_platformsnapdragon_720g_mobile_platformsnapdragon_8cx_compute_platformwcd9340snapdragon_780g_5g_mobile_platformsw5100qca6436sa6155psnapdragon_765_5g_mobile_platform_firmwareqca6698aq_firmwaresnapdragon_690_5g_mobile_platformwcd9341qca6431qca6696_firmwarewcd9371wcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_7c_gen_2_compute_platform_firmwaresnapdragon_730_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresw5100psnapdragon_8cx_gen_2_5g_compute_platformsnapdragon_w5\+_gen_1_wearable_platformqca6564ausnapdragon_7c\+_gen_3_computewcd9380snapdragon_782g_mobile_platformfastconnect_6700qcs410qca6430_firmwarewcd9335_firmwarewcn3980snapdragon_732g_mobile_platform_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815wcn3910snapdragon_865\+_5g_mobile_platformsnapdragon_4_gen_1_mobile_platformqca6426_firmwaresm4450qcn9024wcn3980_firmwaresd730snapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwarewcn6740_firmwaresnapdragon_8cx_compute_platform_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemfastconnect_6900fastconnect_6900_firmwareqcn9024_firmwaresdx57mqcm4290_firmwaresnapdragon_x24_lte_modemwsa8832sw5100p_firmwareqcs610_firmwaresa6145psnapdragon_730_mobile_platformqcs4490sa8145psnapdragon_750g_5g_mobile_platformsnapdragon_888\+_5g_mobile_platform_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675snapdragon_695_5g_mobile_platformsnapdragon_720g_mobile_platform_firmwaresnapdragon_855_mobile_platformar8035_firmwareqcm2290snapdragon_480\+_5g_mobile_platformsnapdragon_662_mobile_platform_firmwarewsa8830sa8145p_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwarecsrb31024snapdragon_865_5g_mobile_platformcsra6620qcs4290snapdragon_888_5g_mobile_platform_firmwareqca6420_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarewcd9370sd675_firmwaresnapdragon_480\+_5g_mobile_platform_firmwareqca6426wcn3990_firmwareqca9377wcd9385_firmwarewcd9326_firmwarefastconnect_6200snapdragon_7c_gen_2_compute_platformsd662sa8155snapdragon_x55_5g_modem-rf_systemsdx55_firmwaresnapdragon_778g_5g_mobile_platformqca6595ausm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_870_5g_mobile_platformsnapdragon_x70_modem-rf_system_firmwareqcs6490qcs8550_firmwarewcn3988_firmware315_5g_iot_modemsa6145p_firmwareqca6421sm6250fastconnect_6700_firmwaresa8195pwsa8810_firmwarewcd9326wcd9335sg4150pqca8081qcm4490snapdragon_888\+_5g_mobile_platformqca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwarear8035wcd9375aqt1000sc8180x\+sdx55_firmwaresm6250_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformsnapdragon_768g_5g_mobile_platform_firmwareqcm6490wsa8815_firmwarewsa8835_firmwaresg4150p_firmwareqcm6125_firmwareqcm4325qcm2290_firmwaresnapdragon_855\+\/860_mobile_platform_firmwarewcn3990sd_675sd865_5gfastconnect_6800snapdragon_8c_compute_platformsd888wsa8835snapdragon_auto_5g_modem-rfsm6250psnapdragon_678_mobile_platformsnapdragon_855\+\/860_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaresxr2130qca6574asmart_audio_400_platformqca6174asm7325psd855sm7325p_firmwaresdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_665_mobile_platformsnapdragon_730g_mobile_platformsm7315sd460qca6391snapdragon_x55_5g_modem-rf_system_firmwarefastconnect_7800aqt1000_firmwaresnapdragon_7c_compute_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_auto_4g_modemqcm4290csrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqca6574ausa8155p_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810snapdragon_765g_5g_mobile_platform_firmwaresnapdragon_730g_mobile_platform_firmwaresnapdragon_680_4g_mobile_platformsnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_8c_compute_platform_firmwaresnapdragon_675_mobile_platformwcn6740qca6696snapdragon_732g_mobile_platformqcs8550sa6150psnapdragon_x50_5g_modem-rf_systemsnapdragon_768g_5g_mobile_platformqcn6024snapdragon_765_5g_mobile_platformsm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwareqcs410_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwaresnapdragon_7c_compute_platformSnapdragon
CWE ID-CWE-126
Buffer Over-read
CVE-2019-10547
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.21%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When issuing IOCTL calls to ION, Memory leak can occur due to failure in unassign pages under certain conditions in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCN7605, QCS605, Rennell, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDX24, SDX55, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm450_firmwaresdm632sdx24sdm439mdm9650sdm429sm7150_firmwaremsm8909w_firmwaremsm8996ausm7150apq8009_firmwaresxr2130qcs605_firmwaresc8180xmdm9206sdx24_firmwareipq8074sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605sdm429_firmwaremdm9650_firmwaresda660sdx55_firmwaremsm8909wapq8009apq8053_firmwaresda845nicobarmsm8953sdm450apq8098_firmwaremdm9607_firmwaresm8250_firmwaresc8180x_firmwareipq8074_firmwaresdm710mdm9607sdm710_firmwareqcn7605_firmwaremdm9207c_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwarerennellsda660_firmwarerennell_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm8250sm8150nicobar_firmwaresaipanmdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-21666
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.08% / 24.07%
||
7 Day CHG+0.01%
Published-02 May, 2023 | 05:08
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Release of Memory Before Removing Last Reference (`Memory Leak`) in Graphics

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwaresnapdragon_820_automotive_platform_firmwaresnapdragon_wear_2100_platform_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335sdm670home_hub_100_platformqcs605_firmwaresd_675_firmwareqcs6125_firmwareapq5053-aa_firmwarewcn685x-1msm8108wcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125mdm9628wcn3660bsm7150-ac8998_firmwareqca6574au_firmwaresm4250-aawcd9375_firmwarewcn3998_firmwaresa6155_firmwaresm6225-admsm8909wqca6420snapdragon_xr2\+_gen_1_platformsdx20msnapdragon_auto_5g_modem-rf_firmwareqca9367_firmware8909sdm450wcn3999sm6225-ad_firmwareqrb5165m_firmwareqrb5165_firmwareqcs6125sa8155_firmwaresm7250-ab_firmwareqca64308905_firmwarewcd9340sd626_firmwarehome_hub_100_platform_firmwareqca64368953_firmwaresa6155pmsm8209_firmwarewcn685x-1_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341snapdragon_wear_2500_platformqca6431qca6696_firmwarewcd9371wcn3910_firmwaresa8150psm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresm7225_firmwarewcn3988sd660_firmwaresm4250-aa_firmwaresa8195p_firmwaresm6125_firmwarewcn3610msm8608sm6115_firmwareqca8337_firmwarewcd9380_firmwaresdm429wwcd9330qca6564ausdm429sd670_firmwareqca6574apq8053-acwcd9380snapdragon_wear_4100\+_platform_firmwareqcs410apq8053-ac_firmwareqca9379_firmwaresm7150-aa_firmwareqcn9012_firmwaresd626qca6174qca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm7225qcs605wcd9340_firmwarewsa8815sm6150-ac_firmwarewcn3910qca6320sdm429_firmwaremdm9650_firmwareqcs8250qca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresm7150-aasnapdragon_820_automotive_platformqca6421_firmwaresm6350sm7125snapdragon_xr2_5g_platformwcn3680_firmwaresm7150-ab_firmwareqrb5165sdm660sm6350_firmwaresdm710sd670qca6564a_firmwareapq8053-lite_firmwareqcm4290_firmwaresnapdragon_x24_lte_modemqcs610_firmwareqsm8250sa6145psdm439_firmwareqca6595_firmwaresa8145pqca6391_firmwarewcd9370_firmwareqm215_firmwaresdx55sa8155psd675qcs8155_firmwaresnapdragon_x20_lte_modemsnapdragon_1200_wearable_platformwcn3660qca9379qcm2290qsm8250_firmwaresdm845_firmwaresnapdragon_632_mobile_platformsnapdragon_wear_2100_platformwsa88308998sa8145p_firmwaresm6125snapdragon_x24_lte_modem_firmwareqcs2290_firmwaresdm450_firmwaremdm9628_firmwaremdm9650flight_rb5_5g_platformflight_rb5_5g_platform_firmwaresm7250-ac_firmwareqcs4290snapdragon_x20_lte_modem_firmwaremdm9250apq8053-liteqca6420_firmwareqca6390_firmwaresnapdragon_auto_4g_modem_firmwareqca6174_firmwaresd730_firmwarewcd9370sd675_firmwareqca6564sm6115qca6426wcn3990_firmwareqrb5165n_firmwareqca9377sm8250-abwcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresnapdragon_1200_wearable_platform_firmwareqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca6320_firmwarewcn3680b_firmwaresdx55_firmwaresda\/sdm845_firmwaresnapdragon_208_processor_firmwarewcn36158917_firmwareqca6595auwcn3999_firmwaresm7250p_firmware8953wcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresa6155p_firmwareqca6310qcs8155apq8053-aa_firmwaresm6225snapdragon_208_processorsnapdragon_x5_lte_modem_firmwareqca9367snapdragon_wear_3100_platformsm8250-acwcn3988_firmwareqcn9074sa6145p_firmwareqm215qca6421sm7250-aasm6250sa8195psxr1120sdm710_firmwarewsa8810_firmwarewcd9326wcd93358917apq8053-aaqca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwaresm7150-abqca6390wcd9375sda\/sdm8458909_firmwaresm6250_firmwaresm6150_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwarewcn3620sxr1120_firmwareqca6564aqcm6125_firmwaresnapdragon_x5_lte_modemqcm2290_firmwareapq5053-aawcn3990sd_675sdm845sd865_5g8953proqca6595sdm439qcn9012sm6150msm8909w_firmwarewsa8835sdm429w_firmwaresnapdragon_auto_5g_modem-rfsm6250psxr2130snapdragon_wear_4100\+_platformqca6574awcn685x-5_firmwareqca6174asdm670_firmwareqca6310_firmwaresm7150-ac_firmwaresm7250-abqca6574_firmwaresd855sm4125_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmware8953pro_firmwaremsm8209qrb5165msnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391snapdragon_auto_4g_modemsnapdragon_632_mobile_platform_firmwareqcm4290snapdragon_xr1_platformwcn685x-5qcn9011sm6225_firmwareqca6574ausa8155p_firmwareqcs8250_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125sm7250-aa_firmwarewsa88108905sm7250-acwcn3680bsd835_firmwareqca6564_firmwaresnapdragon_wear_2500_platform_firmwareqca6696msm8608_firmwaresm6150-acsm7125_firmwaresnapdragon_x50_5g_modem-rf_systemsa6150psm7250psnapdragon_wear_3100_platform_firmwareqcn9074_firmwareqcs410_firmwaresdm660_firmwaresnapdragon_xr1_platform_firmwareSnapdragon
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2025-47397
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.45%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 15:20
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Release of Memory Before Removing Last Reference in Graphics

Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm5430sxr2350p_firmwaresm7675sxr2230psnapdragon_8_gen_3_mobilewsa8845qcm6490_firmwaresm8750pqcn9011_firmwarewcn3980sm6650p_firmwareqcm6125qca6797aqwcd9375fastconnect_7800ssg2115psxr1230pssg2115p_firmwarecsra6620_firmwareqcm2290lemansau_firmwareqca6698aqqcm4325sd662wsa8815_firmwarewcd9390ar8031_firmwareqcs4490qca6595ausnapdragon_7\+_gen_2_mobile_firmwareqam8295p_firmwarewcn7880qcm6490wsa8810_firmwareqcn9011wcn3988_firmwareqcn9012_firmwaresxr2350pqca6574aiq-8300qcm4325_firmwareqcm4490sm8475p_firmwarefastconnect_6900_firmwaresa7255pvideo_collaboration_vc3_firmwarefastconnect_6900qca6698au_firmwaresm7435_firmwaresnapdragon_6_gen_3_mobile_firmwaresa8155psnapdragon_680_4g_mobile_firmwaresm7675p_firmwaresm8750p_firmwarenetrani_firmwareqcm5430_firmwaresar2130p_firmwaresnapdragon_6_gen_1_mobile_firmwaresm7550p_firmwarecsra6640qamsrv1h_firmwareiq-615_firmwaresm7550_firmwaresnapdragon_8_eliteqmp1000_firmwareorneqcm2290_firmwareqca6688aqnetranisrv1mqcs2290_firmwaresnapdragon_662_mobilesnapdragon_8_gen_1_mobile_firmwarewcn7861g2_gen_1iq-9100wcn3988qca6797aq_firmwaresnapdragon_4_gen_2_mobile_firmwaresa7775p_firmwaresnapdragon_685_4g_mobilewsa8840_firmwareqamsrv1mqca6678aq_firmwareqca6391_firmwareqca6696_firmwareg1_gen_1_firmwaresw5100p_firmwaresxr2330pwcd9385lemans_au_lgitiq-9075_firmwareqca6574snapdragon_w5\+_gen_1_wearablewcn3910_firmwarewcn6755snapdragon_680_4g_mobilevideo_collaboration_vc5snapdragon_685_4g_mobile_firmwarewcn6650_firmwaresnapdragon_8_gen_1_mobilesm7550snapdragon_7s_gen_3_mobilesd_8_gen1_5gqca6574a_firmwaresnapdragon_7_gen_1_mobile_firmwareqca6595_firmwareg1_gen_1wcd9370smart_audio_400_firmwarewcn7881qcs8550_firmwaresm7435snapdragon_8_gen_3_mobile_firmwareqcs4290_firmwaresar2130psd662_firmwaresm8550p_firmwaresnapdragon_662_mobile_firmwarepalawan25_firmwaresw5100_firmwaresw5100psnapdragon_460_mobileqca6678aqsnapdragon_8_elite_firmwareqca6688aq_firmwaresm8650qwsa8835wcd9375_firmwarewsa8840wcd9378fastconnect_6700_firmwaresa8770psa8195probotics_rb5sa8155p_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresnapdragon_4_gen_1_mobilesxr2230p_firmwarewcd9371sa6155psmart_audio_400qcm4490_firmwaresm7675_firmwarewcd9335_firmwaresa8620pmonaco_iot_firmwaresm8635_firmwaresa8255psnapdragon_480\+_5g_mobile_firmwareqca8695au_firmwaresnapdragon_4_gen_1_mobile_firmwareiq-8275_firmwarecsra6640_firmwaresnapdragon_ar1_gen_1qcs8550wsa8832sa7775psa8295psnapdragon_480_5g_mobile_firmwarewcn3980_firmwareqrb5165n_firmwaresxr2250pwcd9371_firmwaresm7635p_firmwaremilossm7635pwsa8830qcs4290wsa8835_firmwareqca6595sa8195p_firmwarewcd9385_firmwaresnapdragon_6_gen_4_mobile_firmwareqamsrv1hsm6225p_firmwaresnapdragon_695_5g_mobilewcn6650video_collaboration_vc5_firmwaresnapdragon_8\+_gen_1_mobilemonaco_iotsm8635snapdragon_7_gen_1_mobilewsa8845h_firmwarewcn3950_firmwaresrv1hvideo_collaboration_vc1_firmwaresm7675pwsa8845hlemansauqam8295psa6155p_firmwareqca6698aq_firmwarewcn3910sw5100sa7255p_firmwarewcd9370_firmwaresxr2330p_firmwaresm7550pwsa8832_firmwareqcm6125_firmwareqca6595au_firmwaresnapdragon_8\+_gen_2_mobile_firmwareflight_rb5_5g_firmwaresd_8_gen1_5g_firmwareqamsrv1m_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobile_firmwareg2_gen_1_firmwareqcs2290sm8650q_firmwareqam8255p_firmwarewcn7860_firmwarewsa8815orne_firmwarewcn7860fastconnect_6200_firmwaresm8550pqrb5165nsxr1230p_firmwarecsra6620wcd9335wcn3950qmp1000lemans_au_lgit_firmwareflight_rb5_5gsm8475pwcd9395iq-9075fastconnect_6200snapdragon_8_gen_2_mobileqcn9012video_collaboration_vc3snapdragon_ar1_gen_1_firmwarewsa8845_firmwaresm6225psa8770p_firmwareqca2066sm8635psnapdragon_4_gen_2_mobilewcn7861_firmwaresm8635p_firmwaresa9000pwcd9378_firmwaresnapdragon_7s_gen_3_mobile_firmwaresa8255p_firmwaresnapdragon_6_gen_3_mobilesnapdragon_8\+_gen_2_mobilessg2125pwcn7881_firmwaresrv1m_firmwareqcs4490_firmwarepalawan25qca6698ausnapdragon_480\+_5g_mobilesnapdragon_695_5g_mobile_firmwarewcn6755_firmwarewcn7880_firmwareqca6574auiq-8275sxr2250p_firmwaresa9000p_firmwareqam8255pfastconnect_6700iq-8300_firmwareqca6391srv1h_firmwareqca2066_firmwaresm6650pqca6574au_firmwaresa8620p_firmwaresnapdragon_460_mobile_firmwaremilos_firmwarewcd9380iq-9100_firmwaresnapdragon_w5\+_gen_1_wearable_firmwarewcd9380_firmwarevideo_collaboration_vc1sa8295p_firmwarewsa8830_firmwareqca8695ausnapdragon_480_5g_mobilewcd9395_firmwarefastconnect_7800_firmwareqca6696snapdragon_6_gen_1_mobilesnapdragon_6_gen_4_mobilesnapdragon_7\+_gen_2_mobilewsa8810ar8031ssg2125p_firmwareqca6574_firmwarerobotics_rb5_firmwareiq-615Snapdragon
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-31517
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 29.95%
||
7 Day CHG+0.02%
Published-23 May, 2023 | 00:00
Updated-02 Aug, 2024 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the component CConsole::Chain of Teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via opening a crafted file.

Action-Not Available
Vendor-teeworldsn/a
Product-teeworldsn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-28096
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.5||MEDIUM
EPSS-0.98% / 76.93%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 21:52
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has memory leak in cJSON lib

OpenSIPS, a Session Initiation Protocol (SIP) server implementation, has a memory leak starting in the 2.3 branch and priot to versions 3.1.8 and 3.2.5. The memory leak was detected in the function `parse_mi_request` while performing coverage-guided fuzzing. This issue can be reproduced by sending multiple requests of the form `{"jsonrpc": "2.0","method": "log_le`. This malformed message was tested against an instance of OpenSIPS via FIFO transport layer and was found to increase the memory consumption over time. To abuse this memory leak, attackers need to reach the management interface (MI) which typically should only be exposed on trusted interfaces. In cases where the MI is exposed to the internet without authentication, abuse of this issue will lead to memory exhaustion which may affect the underlying system’s availability. No authentication is typically required to reproduce this issue. On the other hand, memory leaks may occur in other areas of OpenSIPS where the cJSON library is used for parsing JSON objects. The issue has been fixed in versions 3.1.8 and 3.2.5.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-28366
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 30.61%
||
7 Day CHG~0.00%
Published-01 Sep, 2023 | 00:00
Updated-26 Jun, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.

Action-Not Available
Vendor-n/aEclipse Foundation AISBL
Product-mosquitton/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2024-4435
Matching Score-4
Assigner-DFINITY Foundation
ShareView Details
Matching Score-4
Assigner-DFINITY Foundation
CVSS Score-5.9||MEDIUM
EPSS-0.21% / 43.18%
||
7 Day CHG~0.00%
Published-21 May, 2024 | 09:41
Updated-10 Dec, 2025 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BTreeMap memory leak when deallocating nodes with overflows

When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". It was discovered recently that when we deallocate a node, in some cases only the first memory chunk is deallocated, and the rest of the memory chunks remain (incorrectly) allocated, causing a memory leak. In the worst case, depending on how a canister uses the BTreeMap, an adversary could interact with the canister through its API and trigger interactions with the map that keep consuming memory due to the memory leak. This could potentially lead to using an excessive amount of memory, or even running out of memory. This issue has been fixed in #212 https://github.com/dfinity/stable-structures/pull/212  by changing the logic for deallocating nodes to ensure that all of a node's memory chunks are deallocated and users are asked to upgrade to version 0.6.4.. Tests have been added to prevent regressions of this nature moving forward. Note: Users of stable-structure < 0.6.0 are not affected. Users who are not storing unbounded types in BTreeMap are not affected and do not need to upgrade. Otherwise, an upgrade to version 0.6.4 is necessary.

Action-Not Available
Vendor-dfinityInternet Computer
Product-stable_structuresic-stable-structures
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-26257
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.42% / 62.29%
||
7 Day CHG~0.00%
Published-27 Feb, 2023 | 00:00
Updated-02 Aug, 2024 | 11:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c.

Action-Not Available
Vendor-covesan/acovesa
Product-dlt-daemonn/adlt-daemon
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-2618
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 20.75%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 05:31
Updated-02 Aug, 2024 | 06:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeHanziSegment memory leak

A vulnerability, which was classified as problematic, has been found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to memory leak. The attack may be launched remotely. The name of the patch is 2b62ff6181163eea029ed1cab11363b4996e9cd6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-228548.

Action-Not Available
Vendor-opencvOpenCV
Product-opencvwechat_qrcode Module
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-24511
Matching Score-4
Assigner-Arista Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Arista Networks, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.19% / 40.00%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-07 Feb, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process.

On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system.

Action-Not Available
Vendor-Arista Networks, Inc.
Product-7060sx2-48yc67280dr3-247050qx-32s720dt-24sccs-750x-48tp7170b-64c7150s-647260qx-647020sr-24c2veos-lab7500r2720dt-48y7260qx7500r3-36cq7010tx-487300x-64tceos-lab7800r3k-48cq7060cx-32s7020sr-32c27160-32cq7500r37300x-64s73167280dr3k-247250qx-647050sx3-48yc722xpm-48y47050sx3-48yc87060dx4-32720xp-24y67280sr3k-48yc87300x3-32cccs-750x-48zxp7260cx7150s-247320x-32c7280cr2ak-307280cr3-32d4720xp-24zy47260cx37170-64c7280cr3-32p47050sx-72q7280e7280pr3-247050cx3-32s7050sx2-72qeos7150sc-247020tra-487050sx2-1287020tr-487260cx3-647150s-527300x3-48yc47050sx-647170-32c720xp-48zc2720xp-96zc27050sx3-48yc12720xp-48y67010tx-48-dc7500r3-24d7500r3-24p7160-48tc67300x-32q7800r3-48cq73047500r7170-32cd7050cx3m-32s720dt-48s7368x4720dp-24s7050sx-128720df-48y720dp-48s7010t-487050tx-64722xpm-48zy87050tx3-48c87280cr3-967050tx-72q7280pr3k-247060px4-327280r37150sc-64cloudeos7280cr3k-967280r7060cx2-32s7280cr2k-607388x57050tx-487050qx2-32s7500r3k-36cq7500e7800r3-36p7160-48yc67050tx2-1287050sx3-96yc873087280cr3k-32p4ccs-750x-48thp7280cr3k-32d47280r27050sx3-48c87280sr3-48yc87010tccs-750x-48zpEOS
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2026-7379
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.90%
||
7 Day CHG~0.00%
Published-30 Apr, 2026 | 05:04
Updated-01 May, 2026 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Release of Memory after Effective Lifetime in Wireshark

Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Action-Not Available
Vendor-Wireshark Foundation
Product-wiresharkWireshark
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2007-2274
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-7.36% / 91.80%
||
7 Day CHG~0.00%
Published-25 Apr, 2007 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a memory leak, but it is not certain.

Action-Not Available
Vendor-n/aOpera
Product-opera_browsern/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2026-43506
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.20%
||
7 Day CHG~0.00%
Published-01 May, 2026 | 14:45
Updated-01 May, 2026 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections.

Action-Not Available
Vendor-prosodyProsody
Product-prosodyProsody
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-22417
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.40%
||
7 Day CHG~0.00%
Published-12 Jan, 2023 | 00:00
Updated-08 Apr, 2025 | 13:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: SRX Series: A memory leak might be observed in IPsec VPN scenario leading to an FPC crash

A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is configured. Eventually the flowd process will crash and restart. This issue affects Juniper Networks Junos OS on SRX Series: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S8, 19.4R3-S10; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx345srx5800srx380srx110srx4000srx4200srx340srx550_hmsrx4100srx220srx240h2srx240srx3600srx5000srx5400srx1400srx100srx3400srx300srx550srx320srx5600junossrx240msrx650srx210srx4600srx550msrx1500Junos OS
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2022-0742
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-9.1||CRITICAL
EPSS-2.21% / 84.66%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 11:20
Updated-21 Apr, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory leak in ICMP6 in Linux Kernel

Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.

Action-Not Available
Vendor-Linux Kernel Organization, IncNetApp, Inc.
Product-aff_8300h300eh500sa400_firmwareh300s_firmwareh410c_firmwarefas_8700h410saff_8700h300saff_8300_firmwareh300e_firmwarefas_8700_firmwarelinux_kernela400h500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwarefas_8300_firmwareaff_8700_firmwareh700eh410ch700e_firmwarefas_8300h700sKernel
CWE ID-CWE-275
Not Available
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2026-4247
Matching Score-4
Assigner-FreeBSD
ShareView Details
Matching Score-4
Assigner-FreeBSD
CVSS Score-7.5||HIGH
EPSS-0.01% / 2.68%
||
7 Day CHG-0.03%
Published-26 Mar, 2026 | 06:09
Updated-30 Apr, 2026 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TCP: remotely exploitable DoS vector (mbuf leak)

When a challenge ACK is to be sent tcp_respond() constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves establish a TCP connection, to an affected FreeBSD machine, they can easily craft and send packets which meet the challenge ACK criteria and cause the FreeBSD host to leak an mbuf for each crafted packet in excess of the configured rate limit settings i.e. with default settings, crafted packets in excess of the first 5 sent within a 1s period will leak an mbuf. Technically, off-path attackers can also exploit this problem by guessing the IP addresses, TCP port numbers and in some cases the sequence numbers of established connections and spoofing packets towards a FreeBSD machine, but this is harder to do effectively.

Action-Not Available
Vendor-FreeBSD Foundation
Product-freebsdFreeBSD
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2025-30658
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-8.7||HIGH
EPSS-0.23% / 45.41%
||
7 Day CHG-0.17%
Published-09 Apr, 2025 | 20:02
Updated-23 Jan, 2026 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: SRX Series: On devices with Anti-Virus enabled, malicious server responses will cause memory to leak ultimately causing forwarding to stop

A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On all SRX platforms with Anti-Virus enabled, if a server sends specific content in the HTTP body of a response to a client request, these packets are queued by Anti-Virus processing in Juniper Buffers (jbufs) which are never released. When these jbufs are exhausted, the device stops forwarding all transit traffic. A jbuf memory leak can be noticed from the following logs: (<node>.)<fpc> Warning: jbuf pool id <#> utilization level (<current level>%) is above <threshold>%! To recover from this issue, the affected device needs to be manually rebooted to free the leaked jbufs. This issue affects Junos OS on SRX Series:  * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S3, * 24.2 versions before 24.2R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx345srx4200srx5600srx4700srx4100srx1500srx300srx340srx5400junossrx320srx4600srx5800srx4120srx4300srx2300srx380srx1600Junos OS
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-47519
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.5||HIGH
EPSS-0.04% / 11.00%
||
7 Day CHG~0.00%
Published-24 May, 2024 | 15:09
Updated-11 May, 2026 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
can: m_can: m_can_read_fifo: fix memory leak in error branch

In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_read_fifo: fix memory leak in error branch In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, the function jump to the out_fail label and returns without calling m_can_receive_skb(). This means that the skb previously allocated by alloc_can_skb() is not freed. In other terms, this is a memory leak. This patch adds a goto label to destroy the skb if an error occurs. Issue was found with GCC -fanalyzer, please follow the link below for details.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinuxlinux_kernel
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2025-27097
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.41% / 61.77%
||
7 Day CHG~0.00%
Published-20 Feb, 2025 | 20:15
Updated-27 Feb, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operation

GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. When a user transforms on the root level or single source with transforms, and the client sends the same query with different variables, the initial variables are used in all following requests until the cache evicts DocumentNode. If a token is sent via variables, the following requests will act like the same token is sent even if the following requests have different tokens. This can cause a short memory leak but it won't grow per each request but per different operation until the cache evicts DocumentNode by LRU mechanism.

Action-Not Available
Vendor-the-guildardatan
Product-graphql_meshgraphql-mesh
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-22410
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.48% / 65.36%
||
7 Day CHG~0.00%
Published-12 Jan, 2023 | 00:00
Updated-07 Apr, 2025 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: MX Series with MPC10/MPC11: When Suspicious Control Flow Detection (scfd) is enabled and an attacker is sending specific traffic, this causes a memory leak.

A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). Devices are only vulnerable when the Suspicious Control Flow Detection (scfd) feature is enabled. Upon enabling this specific feature, an attacker sending specific traffic is causing memory to be allocated dynamically and it is not freed. Memory is not freed even after deactivating this feature. Sustained processing of such traffic will eventually lead to an out of memory condition that prevents all services from continuing to function, and requires a manual restart to recover. The FPC memory usage can be monitored using the CLI command "show chassis fpc". On running the above command, the memory of AftDdosScfdFlow can be observed to detect the memory leak. This issue affects Juniper Networks Junos OS on MX Series: All versions prior to 20.2R3-S5; 20.3 version 20.3R1 and later versions.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-mx2008mx960mx240mx10008mx150mx10mx2020mx10003mx10016mx2010mx5mx10000mx204mx480mx104junosmx80mx40Junos OS
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2025-25199
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.03% / 77.54%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 17:49
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BCryptGenerateSymmetricKey memory leak

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation (CNG). Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to `cng.TLS1PRF` don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41 contains a fix for the issue. The fix is included in versions 1.23.6-2 and 1.22.12-2 of the Microsoft build of go, as well as in the pseudoversion 0.0.0-20250211154640-f49c8e1379ea of the `github.com/microsoft/go-crypto-winnative` Go package.

Action-Not Available
Vendor-Microsoft Corporation
Product-go-crypto-winnative
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2026-43373
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.91%
||
7 Day CHG~0.00%
Published-08 May, 2026 | 14:21
Updated-15 May, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
net: ncsi: fix skb leak in error paths

In the Linux kernel, the following vulnerability has been resolved: net: ncsi: fix skb leak in error paths Early return paths in NCSI RX and AEN handlers fail to release the received skb, resulting in a memory leak. Specifically, ncsi_aen_handler() returns on invalid AEN packets without consuming the skb. Similarly, ncsi_rcv_rsp() exits early when failing to resolve the NCSI device, response handler, or request, leaving the skb unfreed.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 10
  • 11
  • Next
Details not found