CVSS: 9.1EPSS: 0%CPEs: 438EXPL: 0CVE-2021-1980
https://notcve.org/view.php?id=CVE-2021-1980
Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un posible exceso de lectura en el búfer debido a una falta de comprobación de la longitud mientras se analiza la respuesta de la baliza IE en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 130EXPL: 0CVE-2021-1966
https://notcve.org/view.php?id=CVE-2021-1966
Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Un posible desbordamiento del búfer debido a una falta de comprobación de la longitud del búfer de origen y destino antes de copiar en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 376EXPL: 0CVE-2021-1959
https://notcve.org/view.php?id=CVE-2021-1959
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible corrupción de memoria debido a una falta de comprobación del índice de entrada en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 278EXPL: 0CVE-2021-1949
https://notcve.org/view.php?id=CVE-2021-1949
Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento de enteros debido a una comprobación inapropiada del valor del recuento de lotes mientras el sanitizador está activado en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.2EPSS: 0%CPEs: 124EXPL: 0CVE-2021-1968 – Qualcomm NPU Use-After-Free / Information Leak
https://notcve.org/view.php?id=CVE-2021-1968
Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una comprobación inapropiada de la dirección del búfer del kernel mientras se copia la información en el búfer del usuario puede conllevar a una exposición de la información de la memoria del kernel al espacio del usuario en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • http://packetstormsecurity.com/files/172856/Qualcomm-NPU-Use-After-Free-Information-Leak.html https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-20: Improper Input Validation •