CVSS: 10.0EPSS: 0%CPEs: 240EXPL: 0CVE-2021-30341
https://notcve.org/view.php?id=CVE-2021-30341
Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Una comprobación inapropiada del tamaño del búfer del paquete DSM recibido puede conllevar a una corrupción de la memoria en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 294EXPL: 0CVE-2021-30281
https://notcve.org/view.php?id=CVE-2021-30281
Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Posible acceso no autorizado a un espacio seguro debido a una comprobación incorrecta de los datos permitidos mientras se parpadea la configuración de dispositivos sin control de acceso en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin •
CVSS: 7.8EPSS: 0%CPEs: 202EXPL: 0CVE-2021-30323
https://notcve.org/view.php?id=CVE-2021-30323
Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una comprobación inapropiada del tamaño máximo de escritura de datos en el archivo EFS puede conllevar a una corrupción de la memoria en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 220EXPL: 0CVE-2021-30300
https://notcve.org/view.php?id=CVE-2021-30300
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables Una posible denegación de servicio debido a una decodificación incorrecta de los datos hexadecimales del mensaje OTA SIB2 y a la asignación de un valor basura a la elección cuando es procesada la configuración SRS en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/january-2022-bulletin • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 9.3EPSS: 0%CPEs: 204EXPL: 0CVE-2021-30285
https://notcve.org/view.php?id=CVE-2021-30285
Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una comprobación inapropiada de la región de memoria en el Hypervisor puede conllevar a un mapeo incorrecto de la región en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/january-2022-bulletin • CWE-20: Improper Input Validation •