CVSS: 7.8EPSS: 0%CPEs: 478EXPL: 0CVE-2021-30303
https://notcve.org/view.php?id=CVE-2021-30303
03 Jan 2022 — Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un posible desbordamiento del búfer debido a una falta de comprobación de la longitud del búfer cuando es recibido un comando WMI segmentado en Snapdragon Aut... • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 122EXPL: 0CVE-2021-30298
https://notcve.org/view.php?id=CVE-2021-30298
03 Jan 2022 — Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un posible acceso fuera de límites debido a una comprobación incorrecta del tamaño del elemento y de los datos de los grupos de memoria DIAG mientras es cambiado entre la interfaz USB... • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 392EXPL: 0CVE-2021-30272
https://notcve.org/view.php?id=CVE-2021-30272
03 Jan 2022 — Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible desreferencia de puntero null en el administrador de operaciones de caché de hilos debido a una falta de comprobación de la e... • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 332EXPL: 0CVE-2021-30271
https://notcve.org/view.php?id=CVE-2021-30271
03 Jan 2022 — Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible desreferencia de puntero null en el administrador de trampas debido a una falta de comprobación del ID de hilo antes de derivarlo en... • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 310EXPL: 0CVE-2021-30270
https://notcve.org/view.php?id=CVE-2021-30270
03 Jan 2022 — Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible desreferencia de puntero null en el administrador de trampas de perfil de hilo debido a una falta de comprobación del ID de hilo antes de desferenciarlo en Snapdra... • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 6.7EPSS: 0%CPEs: 408EXPL: 0CVE-2021-30266
https://notcve.org/view.php?id=CVE-2021-30266
12 Nov 2021 — Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un posible uso de memoria previamente liberada debido a una comprobación inapropiada de la memoria cuando es inicializada una nueva interfaz mediante el comando Interface add en Snapdrago... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 388EXPL: 0CVE-2021-30264
https://notcve.org/view.php?id=CVE-2021-30264
12 Nov 2021 — Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un posible uso de memoria previamente liberada debido a la comprobación inapropiada de la referencia de la llamada a la tabla de almacenamiento interno en Snapdragon Auto, Snapdragon Connectivity, Snap... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-416: Use After Free •
CVSS: 9.0EPSS: 0%CPEs: 634EXPL: 0CVE-2021-1924
https://notcve.org/view.php?id=CVE-2021-1924
12 Nov 2021 — Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una revelación de información mediante canales laterales de tiempo y energía durante la exponenciación de mods para RSA-CRT en Snapdragon ... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-203: Observable Discrepancy •
CVSS: 5.3EPSS: 0%CPEs: 412EXPL: 0CVE-2021-1903
https://notcve.org/view.php?id=CVE-2021-1903
12 Nov 2021 — Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Puede producirse un escenario de denegación de servicio debido a una falta de comprobación de longitud en el anunci... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 388EXPL: 0CVE-2021-30312
https://notcve.org/view.php?id=CVE-2021-30312
20 Oct 2021 — Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una autenticación inapropiada de subtramas de una trama AMSDU de multidifusión puede conllevar la divulgación de información en Snapdragon Auto, Snapdragon Compute, Snapdragon Conne... • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-287: Improper Authentication •