CVSS: 7.8EPSS: 0%CPEs: 136EXPL: 0CVE-2021-35102
https://notcve.org/view.php?id=CVE-2021-35102
Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile Un posible desbordamiento del búfer debido a una falta de comprobación de la longitud de la cadena NAI leída desde EFS en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.4EPSS: 0%CPEs: 348EXPL: 0CVE-2021-35083
https://notcve.org/view.php?id=CVE-2021-35083
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible lectura fuera de límites debido a una comprobación inapropiada de la cadena de certificados en SSL o el intercambio de claves de Internet en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 160EXPL: 0CVE-2022-22057 – Qualcomm kgsl Driver Use-After-Free
https://notcve.org/view.php?id=CVE-2022-22057
Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Un uso de memoria previamente liberada en la valla de gráficos debido a una condición de carrera mientras es cerrado el descriptor de archivo de la valla y es destruida la línea de tiempo de gráficos simultáneamente en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables • http://packetstormsecurity.com/files/172850/Qualcomm-kgsl-Driver-Use-After-Free.html https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 224EXPL: 0CVE-2021-35106
https://notcve.org/view.php?id=CVE-2021-35106
Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible lectura fuera de límites debido a un cálculo incorrecto de la longitud del mensaje WMI en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 314EXPL: 0CVE-2021-35105
https://notcve.org/view.php?id=CVE-2021-35105
Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible acceso fuera de límites debido a una comprobación de entrada incorrecta durante la creación de perfiles gráficos en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin • CWE-704: Incorrect Type Conversion or Cast •