CVSS: 7.8EPSS: 0%CPEs: 394EXPL: 0CVE-2021-1973
https://notcve.org/view.php?id=CVE-2021-1973
A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un comando FTM Diag puede permitir una escritura arbitraria en el espacio del Sistema Operativo del módem en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 388EXPL: 0CVE-2021-30312
https://notcve.org/view.php?id=CVE-2021-30312
Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una autenticación inapropiada de subtramas de una trama AMSDU de multidifusión puede conllevar la divulgación de información en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 172EXPL: 0CVE-2021-30310
https://notcve.org/view.php?id=CVE-2021-30310
Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music Un posible desbordamiento del búfer debido a una Comprobación Inapropiada de las tramas de datos CF-ACK y CF-Poll recibidas en Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 130EXPL: 0CVE-2021-30306
https://notcve.org/view.php?id=CVE-2021-30306
Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile Una posible lectura excesiva del búfer debido a una asignación inapropiada del búfer para la longitud del archivo pasado desde el espacio de usuario en Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 178EXPL: 0CVE-2021-30297
https://notcve.org/view.php?id=CVE-2021-30297
Possible out of bound read due to improper validation of packet length while handling data transfer in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Una posible lectura fuera de límites debido a una comprobación inapropiada de la longitud del paquete mientras se maneja la transferencia de datos en el servicio VR en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •