CVSS: 9.3EPSS: 0%CPEs: 202EXPL: 0CVE-2021-35122
https://notcve.org/view.php?id=CVE-2021-35122
Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Una región no segura puede intentar modificar los permisos RG de las xPUs del espacio IO debido a una comprobación de entrada inapropiada en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.3EPSS: 0%CPEs: 258EXPL: 0CVE-2021-35097
https://notcve.org/view.php?id=CVE-2021-35097
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible omisión de la autenticación debido a un orden incorrecto de la verificación de la firma y el hash en la llamada de verificación de la firma en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.4EPSS: 0%CPEs: 114EXPL: 0CVE-2021-35130
https://notcve.org/view.php?id=CVE-2021-35130
Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Una corrupción de memoria en la capa de soporte de gráficos debido a la condición de uso después de libre en Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 90EXPL: 0CVE-2021-35129
https://notcve.org/view.php?id=CVE-2021-35129
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Una corrupción de memoria en el controlador BT debido a una comprobación de longitud incorrecta mientras son procesados comandos específicos del proveedor en Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 52EXPL: 0CVE-2021-35126
https://notcve.org/view.php?id=CVE-2021-35126
Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile Una corrupción de memoria en el servicio DSP debido a una comprobación inapropiada de los parámetros de entrada en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-129: Improper Validation of Array Index •