Skip to main content

Qca9379 Firmware

134 CVEs product

Monthly

CVE-2021-1886 HIGH This Week

Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption Apq8017 Firmware Apq8037 Firmware +156
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1900 HIGH This Week

Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.0). No vendor patch available.

Qualcomm Denial Of Service Race Condition Apq8009 Firmware Apq8009W Firmware +88
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2021-1927 HIGH PATCH This Week

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Qualcomm Memory Corruption Denial Of Service Apq8009 Firmware +456
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1910 CRITICAL Act Now

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sm7250p Firmware Qcs6125 Firmware Sd855 Firmware Qcs610 Firmware Fsm10056 Firmware +370
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2021-1905 HIGH KEV PATCH THREAT This Week

Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Qualcomm Memory Corruption Denial Of Service Apq8009 Firmware +395
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2020-11153 CRITICAL Act Now

u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Qualcomm Memory Corruption Apq8053 Firmware +5
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-3666 HIGH This Week

u'Out of bounds memory access during memory copy while processing Host command' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption Apq8009 Firmware Apq8017 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-11118 HIGH This Week

u'Information exposure issues while processing IE header due to improper check of beacon IE frame' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +51
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-11116 CRITICAL PATCH Act Now

u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8053 Firmware Apq8096Au Firmware +46
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-11115 HIGH PATCH This Week

u'Buffer over read occurs while processing information element from beacon due to lack of check of data received from beacon' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware +46
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-3699 CRITICAL PATCH Act Now

Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +44
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-3698 CRITICAL PATCH Act Now

Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +43
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-3665 HIGH This Week

A possible buffer overflow would occur while processing command from firmware due to the group_id obtained from the firmware being out of range in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8053 Firmware Apq8096Au Firmware +18
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-3614 CRITICAL Act Now

Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +52
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2020-3615 CRITICAL PATCH Act Now

Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values used to check the frame subtype in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware Apq8096Au Firmware +22
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2020-3651 HIGH PATCH This Week

Active command timeout since WM status change cmd is not removed from active queue if peer sends multiple deauth frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +37
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2019-10595 HIGH PATCH This Week

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware Apq8064 Firmware +27
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10557 CRITICAL PATCH Act Now

Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Linux Information Disclosure Qualcomm Apq8009 Firmware +22
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2019-10536 HIGH PATCH This Week

Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10480 HIGH PATCH This Week

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption Apq8009 Firmware Apq8017 Firmware +41
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2310 HIGH PATCH This Week

Out of bound read would occur while trying to read action category and action ID without validating the action length of the Rx Frame body in Snapdragon Auto, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +33
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2019-2297 HIGH PATCH This Week

Buffer overflow can occur while processing non-standard NAN message from user space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +27
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2268 CRITICAL PATCH Act Now

Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +24
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-10566 HIGH PATCH This Week

Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8017 Firmware Apq8053 Firmware Apq8096Au Firmware +23
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2302 CRITICAL Act Now

While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8017 Firmware Apq8053 Firmware +28
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-10542 CRITICAL PATCH Act Now

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in Snapdragon Auto, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Mdm9150 Firmware Mdm9206 Firmware +27
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-10505 CRITICAL PATCH Act Now

Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Mdm9150 Firmware Mdm9206 Firmware +42
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-10540 CRITICAL Act Now

Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Ipq8074 Firmware Msm8996au Firmware Qca6174a Firmware +24
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2019-10539 CRITICAL Act Now

Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Ipq8074 Firmware Mdm9206 Firmware Mdm9607 Firmware +46
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2019-10508 HIGH PATCH This Week

Lack of input validation for data received from user space can lead to OOB access in WLAN in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Mdm9150 Firmware Mdm9206 Firmware Mdm9607 Firmware +23
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10507 HIGH PATCH This Week

Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Mdm9150 Firmware Mdm9206 Firmware +33
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10506 HIGH PATCH This Week

While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Mdm9206 Firmware Mdm9607 Firmware Msm8996au Firmware +23
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2312 HIGH PATCH This Week

When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Mdm9607 Firmware Mdm9640 Firmware Msm8996au Firmware +32
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2309 CRITICAL PATCH Act Now

While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Qualcomm Buffer Overflow Mdm9150 Firmware Mdm9206 Firmware +22
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2019-2307 CRITICAL PATCH Act Now

Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Mdm9150 Firmware Mdm9206 Firmware +37
NVD
CVSS 3.0
9.8
EPSS
1.6%
CVE-2019-2305 CRITICAL PATCH Act Now

Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Mdm9150 Firmware Mdm9206 Firmware +34
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2019-2299 HIGH PATCH This Week

An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption Ipq4019 Firmware Ipq8064 Firmware +38
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2276 CRITICAL PATCH Act Now

Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Mdm9607 Firmware Msm8996au Firmware +20
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2019-2240 MEDIUM This Month

While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +47
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2018-11871 HIGH This Week

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +46
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11870 HIGH This Week

Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware Mdm9607 Firmware Mdm9635M Firmware +27
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11850 HIGH This Week

Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware Mdm9607 Firmware Mdm9640 Firmware +21
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11849 HIGH This Week

Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq8074 Firmware Mdm9206 Firmware Mdm9607 Firmware +40
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11291 HIGH This Week

In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Ipq8074 Firmware Mdm9206 Firmware Mdm9607 Firmware +33
NVD
CVSS 3.0
7.5
EPSS
0.8%
EPSS 0% CVSS 7.8
HIGH This Week

Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption +158
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.0). No vendor patch available.

Qualcomm Denial Of Service Race Condition +90
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Qualcomm Memory Corruption +458
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sm7250p Firmware Qcs6125 Firmware Sd855 Firmware +372
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Qualcomm Memory Corruption +397
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Qualcomm +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

u'Out of bounds memory access during memory copy while processing Host command' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption +46
NVD
EPSS 1% CVSS 7.5
HIGH This Week

u'Information exposure issues while processing IE header due to improper check of beacon IE frame' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware +53
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware +48
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

u'Buffer over read occurs while processing information element from beacon due to lack of check of data received from beacon' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +48
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware +46
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware +45
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A possible buffer overflow would occur while processing command from firmware due to the group_id obtained from the firmware being out of range in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +20
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +54
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values used to check the frame subtype in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware +24
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Active command timeout since WM status change cmd is not removed from active queue if peer sends multiple deauth frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware +39
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware +29
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Linux Information Disclosure +24
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware +46
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption +43
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Out of bound read would occur while trying to read action category and action ID without validating the action length of the Rx Frame body in Snapdragon Auto, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +35
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer overflow can occur while processing non-standard NAN message from user space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Apq8009 Firmware +29
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +26
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8017 Firmware +25
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +30
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in Snapdragon Auto, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +29
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +44
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Ipq8074 Firmware +26
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Ipq8074 Firmware +48
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Lack of input validation for data received from user space can lead to OOB access in WLAN in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Mdm9150 Firmware +25
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +35
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Mdm9206 Firmware +25
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Mdm9607 Firmware +34
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Qualcomm Buffer Overflow +24
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +39
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +36
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption +40
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +22
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Ipq4019 Firmware +49
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq4019 Firmware +48
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware +29
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware +23
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq8074 Firmware +42
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Ipq8074 Firmware +35
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy