CVE ID | Publié | Description | Score | Gravité |
---|---|---|---|---|
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. | 7.5 |
Haute |
||
Memory corruption in Audio while running invalid audio recording from ADSP. | 7.8 |
Haute |
||
Memory corruption in DSP Services during a remote call from HLOS to DSP. | 7.8 |
Haute |
||
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. | 9.1 |
Critique |
||
Transient DOS in Data modem while handling TLB control messages from the Network. | 7.5 |
Haute |
||
Transient DOS in Modem when a Beam switch request is made with a non-configured BWP. | 7.5 |
Haute |
||
Transient DOS in Modem after RRC Setup message is received. | 7.5 |
Haute |
||
Memory corruption in HLOS while invoking IOCTL calls from user-space. | 8.4 |
Haute |
||
Memory corruption while using the UIM diag command to get the operators name. | 7.8 |
Haute |
||
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. | 7.8 |
Haute |
||
Memory corruption in Audio while processing the VOC packet data from ADSP. | 7.8 |
Haute |
||
Memory Corruption in Audio while invoking callback function in driver from ADSP. | 7.8 |
Haute |
||
Memory corruption while invoking callback function of AFE from ADSP. | 7.8 |
Haute |
||
Memory corruption while parsing the ADSP response command. | 7.8 |
Haute |
||
Memory corruption in DSP Service during a remote call from HLOS to DSP. | 8.4 |
Haute |
||
Transient DOS in WLAN Firmware while parsing rsn ies. | 7.5 |
Haute |
||
Cryptographic issue in Data Modem due to improper authentication during TLS handshake. | 9.1 |
Critique |
||
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. | 7.8 |
Haute |
||
Transient DOS in Modem while processing invalid System Information Block 1. | 7.5 |
Haute |
||
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. | 7.8 |
Haute |
||
Memory Corruption due to improper validation of array index in Linux while updating adn record. | 7.8 |
Haute |
||
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. | 8.4 |
Haute |
||
Memory corruption while allocating memory in COmxApeDec module in Audio. | 8.4 |
Haute |
||
Memory Corruption in Audio while playing amrwbplus clips with modified content. | 8.4 |
Haute |
||
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. | 7.7 |
Haute |
||
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. | 9.3 |
Critique |
||
Memory corruption in WLAN while running doDriverCmd for an unspecific command. | 7.8 |
Haute |
||
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. | 7.1 |
Haute |
||
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. | 9.8 |
Critique |
||
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. | 7.8 |
Haute |
||
Transient DOS in WLAN Firmware while processing frames with missing header fields. | 7.5 |
Haute |
||
Memoru corruption in Audio when ADSP sends input during record use case. | 7.8 |
Haute |
||
Memory corruption in WLAN HOST while receiving an WMI event from firmware. | 7.8 |
Haute |
||
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. | 8.4 |
Haute |
||
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network. | 7.5 |
Haute |
||
Memory corruption due to improper access control in kernel while processing a mapping request from root process. | 7.8 |
Haute |
||
Information disclosure in Kernel due to indirect branch misprediction. | 7.1 |
Haute |
||
Transient DOS due to improper authorization in Modem | 7.5 |
Haute |
||
Memory corruption due to double free in Core while mapping HLOS address to the list. | 8.4 |
Haute |
||
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message. | 7.9 |
Haute |
||
Transient DOS due to reachable assertion in Modem because of invalid network configuration. | 7.5 |
Haute |
||
Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host | 7.8 |
Haute |
||
information disclosure due to cryptographic issue in Core during RPMB read request. | 7.1 |
Haute |
||
Assertion occurs while processing Reconfiguration message due to improper validation | 7.5 |
Haute |
||
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. | 7.5 |
Haute |
||
Memory corruption in Graphics while importing a file. | 8.4 |
Haute |
||
Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported. | 7.5 |
Haute |
||
Transient DOS due to reachable assertion in Modem during OSI decode scheduling. | 7.5 |
Haute |
||
Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH. | 7.5 |
Haute |
||
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | 8.4 |
Haute |
||
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. | 8.2 |
Haute |
||
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | 7.8 |
Haute |
||
Memory corruption due to use after free in Modem while modem initialization. | 7.8 |
Haute |
||
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | 7.8 |
Haute |
||
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | 6.8 |
Moyen |
||
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message. | 7.5 |
Haute |
||
Memory corruption due to double free in core while initializing the encryption key. | 9.3 |
Critique |
||
Information disclosure due to buffer overread in Core | 6.8 |
Moyen |
||
Information disclosure due to buffer overread in Core | 6.8 |
Moyen |
||
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | 7.5 |
Haute |
||
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | 7.5 |
Haute |
||
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame. | 8.2 |
Haute |
||
Denial of service in MODEM due to improper pointer handling | 6.2 |
Moyen |
||
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote | 9.8 |
Critique |
||
Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile | 7.5 |
Haute |
||
Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 8.4 |
Haute |
||
Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile | 7.5 |
Haute |
||
Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 7.5 |
Haute |
||
Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 8.4 |
Haute |
||
Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 7.5 |
Haute |
||
Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 8.2 |
Haute |
||
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.5 |
Haute |
||
Information disclosure in video due to buffer over-read while parsing avi files in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 6.8 |
Moyen |
||
Denial of service in video due to improper access control in broadcast receivers in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 6.2 |
Moyen |
||
Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 8.4 |
Haute |
||
Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 8.4 |
Haute |
||
Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 9.8 |
Critique |
||
Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.5 |
Haute |
||
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.5 |
Haute |
||
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 9.8 |
Critique |
||
Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.5 |
Haute |
||
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 9.8 |
Critique |
||
Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.5 |
Haute |
||
Memory corruption in display due to time-of-check time-of-use of metadata reserved size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 8.4 |
Haute |