Page 35 of 391 results (0.003 seconds)

CVSS: 10.0EPSS: 0%CPEs: 192EXPL: 0

Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile Un posible desbordamiento del búfer cuando se actualizan los parámetros ikev2 para eliminar cargas útiles recibidas durante el intercambio de información debido a una falta de comprobación de la validación de entrada para deteminados parámetros recibidos del servidor ePDG en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin • CWE-129: Improper Validation of Array Index •

CVSS: 8.4EPSS: 0%CPEs: 542EXPL: 0

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una escritura fuera de límites de la pila se produce al configurar un dispositivo de cifrado si la longitud de IV proporcionada excede el valor límite máximo en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin • CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 0%CPEs: 200EXPL: 0

While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile Mientras se procesa el certificado del servidor desde el servidor IPSec, la comprobación del certificado para la API de nombre alternativo del sujeto puede causar un desbordamiento de la pila que puede conllevar a una corrupción de la memoria en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin • CWE-787: Out-of-bounds Write •

CVSS: 7.0EPSS: 0%CPEs: 778EXPL: 0

A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una carrera entre el envío de comandos y la destrucción del contexto puede causar que se agregue un contexto no válido a la lista de pistas para su uso después de la publicación liberada. en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 8.4EPSS: 0%CPEs: 472EXPL: 0

An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile Puede ocurrir una falta de memoria no inicializada inapropiada en los servicios DIAG en los productos Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-908: Use of Uninitialized Resource •