CVSS: 7.3EPSS: 0%CPEs: 258EXPL: 0CVE-2021-35097
https://notcve.org/view.php?id=CVE-2021-35097
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible omisión de la autenticación debido a un orden incorrecto de la verificación de la firma y el hash en la llamada de verificación de la firma en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.4EPSS: 0%CPEs: 192EXPL: 0CVE-2021-30350
https://notcve.org/view.php?id=CVE-2021-30350
Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Una falta de verificación del tamaño del encabezado de MBN contra el búfer de entrada puede conllevar a una corrupción de la memoria en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 294EXPL: 0CVE-2021-30344
https://notcve.org/view.php?id=CVE-2021-30344
Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una autorización inapropiada de un comando de modo de seguridad LTE reproducido puede conllevar a una denegación de servicio en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin •
CVSS: 9.1EPSS: 0%CPEs: 190EXPL: 0CVE-2021-30342
https://notcve.org/view.php?id=CVE-2021-30342
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables Una comprobación de integridad inapropiada puede conllevar a una condición de carrera entre las tareas PDCP y RRC? después de que haya sido recibido un paquete de comando RRC válido en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 10.0EPSS: 0%CPEs: 240EXPL: 0CVE-2021-30341
https://notcve.org/view.php?id=CVE-2021-30341
Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Una comprobación inapropiada del tamaño del búfer del paquete DSM recibido puede conllevar a una corrupción de la memoria en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-787: Out-of-bounds Write •