CVSS: 7.8EPSS: 0%CPEs: 274EXPL: 0CVE-2021-30268
https://notcve.org/view.php?id=CVE-2021-30268
03 Jan 2022 — Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible Problema de Corrupción de la Memoria de la pila debido a una falta de comprobación de la entrada cuando es enviado el comando HWTC IQ Capture en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snap... • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 234EXPL: 0CVE-2021-1894
https://notcve.org/view.php?id=CVE-2021-1894
03 Jan 2022 — Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un control de acceso inapropiado en TrustZone debido a un manejo inapropiado de errores mientras es manejada la clave de firma en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdr... • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 9.1EPSS: 0%CPEs: 292EXPL: 0CVE-2021-30284
https://notcve.org/view.php?id=CVE-2021-30284
12 Nov 2021 — Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible exposición de la información y denegación de servicio debido a que el NAS no deja caer los mensajes cuando falla la comprobación de integridad en Snapdragon Auto, Snapdragon Compute, Snapdr... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 316EXPL: 0CVE-2021-30259
https://notcve.org/view.php?id=CVE-2021-30259
12 Nov 2021 — Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un posible acceso fuera de límites debido a una comprobación inapropiada de las entradas de la tabla de funciones en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer ... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 376EXPL: 0CVE-2021-30255
https://notcve.org/view.php?id=CVE-2021-30255
12 Nov 2021 — Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento del búfer debido a una comprobación de entrada inapropiada en el comando PDM DIAG en FTM en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 326EXPL: 0CVE-2021-30254
https://notcve.org/view.php?id=CVE-2021-30254
12 Nov 2021 — Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento del búfer debido a una comprobación de entrada inapropiada en la calibración de fábrica y el comando DIAG de prueba en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 360EXPL: 0CVE-2021-1975
https://notcve.org/view.php?id=CVE-2021-1975
12 Nov 2021 — Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables Posible desbordamiento de la pila debido a una comprobación inapropiada de la longitud del dominio mientras se analiza la respuesta DNS en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon In... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 394EXPL: 0CVE-2021-1973
https://notcve.org/view.php?id=CVE-2021-1973
12 Nov 2021 — A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un comando FTM Diag puede permitir una escritura arbitraria en el espacio del Sistema Operativo del módem en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdr... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 634EXPL: 0CVE-2021-1924
https://notcve.org/view.php?id=CVE-2021-1924
12 Nov 2021 — Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una revelación de información mediante canales laterales de tiempo y energía durante la exponenciación de mods para RSA-CRT en Snapdragon ... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-203: Observable Discrepancy •
CVSS: 8.4EPSS: 0%CPEs: 364EXPL: 0CVE-2021-30261
https://notcve.org/view.php?id=CVE-2021-30261
17 Sep 2021 — Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento de enteros y de pila debido a una falta de comprobación del tamaño del comando de entrada mientras se maneja el comando de actualización de la plantilla de balizas desde HLOS en Snapdragon Auto, S... • https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin • CWE-20: Improper Input Validation •