CVSS: 7.8EPSS: 0%CPEs: 832EXPL: 0CVE-2020-11270
https://notcve.org/view.php?id=CVE-2020-11270
22 Feb 2021 — Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible denegación de servicio debido a que el respondedor RTT rechaza constantemente todos los FTMR al transm... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 1076EXPL: 0CVE-2020-11269
https://notcve.org/view.php?id=CVE-2020-11269
22 Feb 2021 — Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible corrupción de la memoria durante el procesamiento de tramas EAPOL debido a una falta de compro... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1042EXPL: 0CVE-2020-11204
https://notcve.org/view.php?id=CVE-2020-11204
22 Feb 2021 — Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible corrupción de la memoria y filtración de información en el subsistema debido a un... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 788EXPL: 0CVE-2020-11195
https://notcve.org/view.php?id=CVE-2020-11195
22 Feb 2021 — Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Una escritura y lectura fuera de límite en TA mientras se procesa un comando desde el lado NS debido a una comprobación de longitud inapropiada en los búferes de comando y respuesta en los productos Snapdragon Auto, Sn... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 818EXPL: 0CVE-2020-11177
https://notcve.org/view.php?id=CVE-2020-11177
22 Feb 2021 — User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un usuario puede sobrescribir el elemento Security Code NV sin conocer el SPC actual debido a una comprobación inapropiada de la configuración del código SPC y el bloqueo del dispos... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin •
CVSS: 10.0EPSS: 0%CPEs: 1014EXPL: 0CVE-2020-11170
https://notcve.org/view.php?id=CVE-2020-11170
22 Feb 2021 — Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un acceso fuera de límite a la memoria mientras se reproducen reproducciones de música con contenido vorbis diseñado debido a comprobaci... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 506EXPL: 0CVE-2020-3691
https://notcve.org/view.php?id=CVE-2020-3691
21 Jan 2021 — Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un posible acceso a la memoria fuera del límite en el audio debido a un flujo insuficiente de enteros mientras se procesan contenidos modificados en los product... • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 492EXPL: 0CVE-2020-3686
https://notcve.org/view.php?id=CVE-2020-3686
21 Jan 2021 — Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un posible problema de memoria fuera del límite durante la reproducción de música cuando un contenido de flujo de... • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 506EXPL: 0CVE-2020-3685
https://notcve.org/view.php?id=CVE-2020-3685
21 Jan 2021 — Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una variable de puntero que es liberada no es borrada puede resultar en corrupción de la memoria y conllevar a una denegación de servicio en los productos ... • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin • CWE-415: Double Free •
CVSS: 10.0EPSS: 0%CPEs: 405EXPL: 0CVE-2020-11225
https://notcve.org/view.php?id=CVE-2020-11225
21 Jan 2021 — Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un acceso fuera del límite en el controlador WLAN debido a una falta de comprobación de longitud de la matriz antes de copiar en la matriz en los producto... • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •