Total
833 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11194 | 1 Qualcomm | 458 Aqt1000, Aqt1000 Firmware, Ar8035 and 455 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11191 | 1 Qualcomm | 952 Apq8009, Apq8009 Firmware, Apq8009w and 949 more | 2024-11-21 | 9.4 HIGH | 8.2 HIGH |
| Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11182 | 1 Qualcomm | 536 Aqt1000, Aqt1000 Firmware, Pm3003a and 533 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2020-11178 | 1 Qualcomm | 574 Aqt1000, Aqt1000 Firmware, Ar8031 and 571 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11176 | 1 Qualcomm | 198 Apq8017, Apq8017 Firmware, Apq8053 and 195 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile | |||||
| CVE-2020-11170 | 1 Qualcomm | 1010 Apq8009, Apq8009 Firmware, Apq8009w and 1007 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11165 | 1 Qualcomm | 510 Aqt1000, Aqt1000 Firmware, Ar8035 and 507 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11161 | 1 Qualcomm | 452 Apq8053, Apq8053 Firmware, Apq8064au and 449 more | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2020-11159 | 1 Qualcomm | 1006 Apq8009, Apq8009 Firmware, Apq8017 and 1003 more | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
| Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11147 | 1 Qualcomm | 406 Aqt1000, Aqt1000 Firmware, Pm3003a and 403 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2020-11134 | 1 Qualcomm | 650 Aqt1000, Aqt1000 Firmware, Ar8031 and 647 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11126 | 1 Qualcomm | 782 Apq8096au, Apq8096au Firmware, Aqt1000 and 779 more | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
| Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11119 | 1 Qualcomm | 942 Apq8009, Apq8009 Firmware, Apq8017 and 939 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2024-33014 | 1 Qualcomm | 650 315 5g Iot Modem, 315 5g Iot Modem Firmware, 860 Mobile Platform and 647 more | 2024-11-20 | N/A | 7.5 HIGH |
| Transient DOS while parsing ESP IE from beacon/probe response frame. | |||||
| CVE-2024-33015 | 1 Qualcomm | 390 Ar8035, Ar8035 Firmware, Csr8811 and 387 more | 2024-11-20 | N/A | 7.5 HIGH |
| Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report. | |||||
| CVE-2024-33025 | 1 Qualcomm | 338 Csr8811, Csr8811 Firmware, Fastconnect 6800 and 335 more | 2024-11-20 | N/A | 7.5 HIGH |
| Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. | |||||
| CVE-2024-33024 | 1 Qualcomm | 362 Ar8035, Ar8035 Firmware, Csr8811 and 359 more | 2024-11-20 | N/A | 7.5 HIGH |
| Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length. | |||||
| CVE-2024-33018 | 1 Qualcomm | 302 Ar8035, Ar8035 Firmware, Csr8811 and 299 more | 2024-11-20 | N/A | 7.5 HIGH |
| Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame. | |||||
| CVE-2024-33026 | 1 Qualcomm | 330 Ar8035, Ar8035 Firmware, Csr8811 and 327 more | 2024-11-20 | N/A | 7.5 HIGH |
| Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp. | |||||
| CVE-2024-33023 | 1 Qualcomm | 314 Ar8035, Ar8035 Firmware, Csra6620 and 311 more | 2024-11-20 | N/A | 7.8 HIGH |
| Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events. | |||||