Skip to main content

Ipq8064 Firmware

123 CVEs product

Monthly

CVE-2021-1895 HIGH PATCH This Week

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Integer Overflow Apq8009W Firmware Apq8017 Firmware +412
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1891 HIGH PATCH This Week

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Qualcomm Memory Corruption Information Disclosure Apq8009W Firmware +413
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-3696 HIGH PATCH This Week

u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Qualcomm Denial Of Service Memory Corruption Apq8009 Firmware +22
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-3657 CRITICAL Act Now

u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Qualcomm Apq8009 Firmware Apq8017 Firmware +35
NVD
CVSS 3.1
9.8
EPSS
28.3%
CVE-2020-11174 HIGH PATCH This Week

u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Agatti Firmware Apq8009 Firmware Apq8017 Firmware +48
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-11173 HIGH PATCH This Week

u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.0).

Race Condition Qualcomm Information Disclosure Agatti Firmware Apq8053 Firmware +31
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2020-11172 CRITICAL Act Now

u'fscanf reads a string from a file and stores its contents on a statically allocated stack memory which leads to stack overflow' in Snapdragon Wired Infrastructure and Networking in IPQ4019,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Ipq4019 Firmware Ipq6018 Firmware Ipq8064 Firmware +3
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2020-11162 HIGH PATCH This Week

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Agatti Firmware Apq8009 Firmware Bitra Firmware +37
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-11125 HIGH PATCH This Week

u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption Agatti Firmware Apq8009 Firmware +46
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-3702 MEDIUM This Month

u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8053 Firmware Ipq4019 Firmware Ipq8064 Firmware +10
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2020-3666 HIGH This Week

u'Out of bounds memory access during memory copy while processing Host command' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption Apq8009 Firmware Apq8017 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-11117 CRITICAL POC THREAT Act Now

u'In the lbd service, an external user can issue a specially crafted debug command to overwrite arbitrary files with arbitrary content resulting in remote code execution.' in Snapdragon Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Qualcomm Command Injection Ipq4019 Firmware Ipq6018 Firmware +5
NVD
CVSS 3.1
9.8
EPSS
20.1%
CVE-2020-3700 HIGH PATCH This Week

Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no additional execution privileges needed in Snapdragon Auto,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8053 Firmware Apq8096Au Firmware +16
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-2304 HIGH PATCH This Week

Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +17
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10607 HIGH PATCH This Week

Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +36
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10601 HIGH PATCH This Week

Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8096Au Firmware Ipq4019 Firmware Ipq8064 Firmware +13
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10600 HIGH PATCH This Week

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Qualcomm Apq8009 Firmware Apq8017 Firmware +48
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10595 HIGH PATCH This Week

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware Apq8064 Firmware +27
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10536 HIGH PATCH This Week

Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10518 HIGH This Week

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Qualcomm Memory Corruption Apq8009 Firmware +48
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10481 HIGH PATCH This Week

Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8096Au Firmware Ipq4019 Firmware Ipq8064 Firmware +10
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10480 HIGH PATCH This Week

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption Apq8009 Firmware Apq8017 Firmware +41
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2297 HIGH PATCH This Week

Buffer overflow can occur while processing non-standard NAN message from user space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +27
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2266 HIGH PATCH This Week

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8053 Firmware Ipq4019 Firmware Ipq8064 Firmware +13
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10512 HIGH PATCH This Week

Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +45
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10491 HIGH PATCH This Week

ADSP can be compromised since it`s a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10499 HIGH PATCH This Week

Improper validation of read and write index of tx and rx fifo`s before using for data copy from fifo can lead to out-of-bound access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +5
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2330 MEDIUM PATCH This Month

improper input validation in allocation request for secure allocations can lead to page fault. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +35
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2019-2301 HIGH PATCH This Week

Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Ipq4019 Firmware Ipq8064 Firmware +22
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2299 HIGH PATCH This Week

An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption Ipq4019 Firmware Ipq8064 Firmware +38
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2263 HIGH PATCH This Week

Access to freed memory can happen while reading from diag driver due to use after free issue in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Use After Free Qualcomm Memory Corruption Ipq4019 Firmware +32
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2240 MEDIUM This Month

While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +47
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2018-11871 HIGH This Week

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +46
NVD
CVSS 3.0
7.8
EPSS
0.2%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Integer Overflow +414
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Qualcomm Memory Corruption +415
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Qualcomm Denial Of Service +24
NVD
EPSS 28% CVSS 9.8
CRITICAL Act Now

u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Qualcomm +37
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Agatti Firmware +50
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.0).

Race Condition Qualcomm Information Disclosure +33
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

u'fscanf reads a string from a file and stores its contents on a statically allocated stack memory which leads to stack overflow' in Snapdragon Wired Infrastructure and Networking in IPQ4019,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Ipq4019 Firmware +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Agatti Firmware +39
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption +48
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8053 Firmware +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

u'Out of bounds memory access during memory copy while processing Host command' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption +46
NVD
EPSS 20% CVSS 9.8
CRITICAL POC THREAT Act Now

u'In the lbd service, an external user can issue a specially crafted debug command to overwrite arbitrary files with arbitrary content resulting in remote code execution.' in Snapdragon Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Qualcomm Command Injection +7
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no additional execution privileges needed in Snapdragon Auto,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +18
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Ipq4019 Firmware +19
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware +38
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8096Au Firmware +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Qualcomm +50
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware +29
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware +46
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Qualcomm +50
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8096Au Firmware +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption +43
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer overflow can occur while processing non-standard NAN message from user space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Apq8009 Firmware +29
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8053 Firmware +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Ipq4019 Firmware +47
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

ADSP can be compromised since it`s a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Ipq4019 Firmware +46
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper validation of read and write index of tx and rx fifo`s before using for data copy from fifo can lead to out-of-bound access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Ipq4019 Firmware +7
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

improper input validation in allocation request for secure allocations can lead to page fault. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Ipq4019 Firmware +37
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +24
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption +40
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Access to freed memory can happen while reading from diag driver due to use after free issue in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Use After Free Qualcomm +34
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Ipq4019 Firmware +49
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq4019 Firmware +48
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy