CVSS: 7.3EPSS: 0%CPEs: 258EXPL: 0CVE-2021-35097
https://notcve.org/view.php?id=CVE-2021-35097
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible omisión de la autenticación debido a un orden incorrecto de la verificación de la firma y el hash en la llamada de verificación de la firma en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/august-2022-bulletin • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.4EPSS: 0%CPEs: 214EXPL: 0CVE-2021-35112
https://notcve.org/view.php?id=CVE-2021-35112
A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un usuario con permiso de nivel de usuario puede acceder a una región protegida por gráficos debido a un control de acceso inapropiado en la configuración de registros en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 0%CPEs: 352EXPL: 0CVE-2021-35104
https://notcve.org/view.php?id=CVE-2021-35104
Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un posible desbordamiento del búfer debido al análisis incorrecto de los encabezados mientras es reproducido el clip de audio FLAC en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 342EXPL: 0CVE-2021-35071
https://notcve.org/view.php?id=CVE-2021-35071
Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible lectura excesiva del búfer debido a una falta de comprobación del tamaño mientras se copian datos del búfer DBR al búfer RX y puede conllevar a una denegación de servicio en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 192EXPL: 0CVE-2021-30350
https://notcve.org/view.php?id=CVE-2021-30350
Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Una falta de verificación del tamaño del encabezado de MBN contra el búfer de entrada puede conllevar a una corrupción de la memoria en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-1284: Improper Validation of Specified Quantity in Input •