CVSS: 8.4EPSS: 0%CPEs: 392EXPL: 0CVE-2021-30288
https://notcve.org/view.php?id=CVE-2021-30288
Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un posible desbordamiento de pila debido a una comprobación inapropiada de la longitud del TLV mientras se copia el TLV a una variable de pila local en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 376EXPL: 0CVE-2021-1959
https://notcve.org/view.php?id=CVE-2021-1959
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible corrupción de memoria debido a una falta de comprobación del índice de entrada en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 364EXPL: 0CVE-2021-30261
https://notcve.org/view.php?id=CVE-2021-30261
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento de enteros y de pila debido a una falta de comprobación del tamaño del comando de entrada mientras se maneja el comando de actualización de la plantilla de balizas desde HLOS en Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 516EXPL: 0CVE-2021-30260
https://notcve.org/view.php?id=CVE-2021-30260
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Puede producirse un problema de desbordamiento de enteros a desbordamiento de búfer debido a una comprobación inapropiada de los parámetros de entrada cuando se recibe el comando de configuración extscan hostlist en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 276EXPL: 0CVE-2021-1960
https://notcve.org/view.php?id=CVE-2021-1960
Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una administración inapropiada de paquetes de difusión ASB-C con opcode diseñado en LMP puede conllevar a un consumo no controlado de recursos en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin • CWE-20: Improper Input Validation •