CVSS: 7.8EPSS: 0%CPEs: 176EXPL: 0CVE-2021-30267
https://notcve.org/view.php?id=CVE-2021-30267
Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Un posible desbordamiento de enteros a desbordamiento de búfer debido a una comprobación de entrada inapropiada en los comandos FTM ARA en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 210EXPL: 0CVE-2021-30262
https://notcve.org/view.php?id=CVE-2021-30262
Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una comprobación incorrecta del estado de un socket cuando son enviados eventos de socket a los clientes puede conllevar a un acceso no válido de memoria en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 234EXPL: 0CVE-2021-1894
https://notcve.org/view.php?id=CVE-2021-1894
Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un control de acceso inapropiado en TrustZone debido a un manejo inapropiado de errores mientras es manejada la clave de firma en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.2EPSS: 0%CPEs: 122EXPL: 0CVE-2020-11263
https://notcve.org/view.php?id=CVE-2020-11263
An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Un desbordamiento de enteros debido a una comprobación inapropiada llevada a cabo después de alinear la dirección y el tamaño pasados en Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.1EPSS: 0%CPEs: 292EXPL: 0CVE-2021-30284
https://notcve.org/view.php?id=CVE-2021-30284
Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible exposición de la información y denegación de servicio debido a que el NAS no deja caer los mensajes cuando falla la comprobación de integridad en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •