CVSS: 7.8EPSS: 0%CPEs: 176EXPL: 0CVE-2021-30267
https://notcve.org/view.php?id=CVE-2021-30267
Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Un posible desbordamiento de enteros a desbordamiento de búfer debido a una comprobación de entrada inapropiada en los comandos FTM ARA en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 210EXPL: 0CVE-2021-30262
https://notcve.org/view.php?id=CVE-2021-30262
Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una comprobación incorrecta del estado de un socket cuando son enviados eventos de socket a los clientes puede conllevar a un acceso no válido de memoria en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-416: Use After Free •
CVSS: 9.1EPSS: 0%CPEs: 292EXPL: 0CVE-2021-30284
https://notcve.org/view.php?id=CVE-2021-30284
Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible exposición de la información y denegación de servicio debido a que el NAS no deja caer los mensajes cuando falla la comprobación de integridad en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.7EPSS: 0%CPEs: 408EXPL: 0CVE-2021-30266
https://notcve.org/view.php?id=CVE-2021-30266
Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un posible uso de memoria previamente liberada debido a una comprobación inapropiada de la memoria cuando es inicializada una nueva interfaz mediante el comando Interface add en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 190EXPL: 0CVE-2021-30265
https://notcve.org/view.php?id=CVE-2021-30265
Possible memory corruption due to improper validation of memory address while processing user-space IOCTL for clearing Filter and Route statistics in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible corrupción de la memoria debido a una comprobación inapropiada de la dirección de la memoria mientras se procesa la IOCTL del espacio de usuario para borrar las estadísticas de filtros y rutas en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-787: Out-of-bounds Write •