CVSS: 10.0EPSS: 0%CPEs: 650EXPL: 0CVE-2020-11134
https://notcve.org/view.php?id=CVE-2020-11134
Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible escritura fuera de límites de la pila enlazada puede ocurrir debido a la longitud del mapa de bits de tiempo y los campos de duración de bits de los atributos como el atributo de configuración de rango de NAN dentro de un frame de administración de NAN no están debidamente comprobados en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 9.4EPSS: 0%CPEs: 782EXPL: 0CVE-2020-11126
https://notcve.org/view.php?id=CVE-2020-11126
Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible lectura fuera de límites mientras se analiza la trama WLAN debido a una falta de comprobación de la longitud del cuerpo y del encabezado en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 794EXPL: 0CVE-2021-1905 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-1905
Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible uso de la memoria previamente liberada debido a un manejo inapropiado de la asignación de la memoria de múltiples procesos simultáneamente. en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously. • https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 994EXPL: 0CVE-2020-11289
https://notcve.org/view.php?id=CVE-2020-11289
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una escritura fuera de límite puede ocurrir en el controlador de comandos TZ debido a una falta de comprobación de la ID del comando en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Infraestructura y redes cableadas de Snapdragon • https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.0EPSS: 0%CPEs: 680EXPL: 0CVE-2020-11293
https://notcve.org/view.php?id=CVE-2020-11293
Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una lectura fuera del límite puede ocurrir en Widevine TA mientras son copiados datos al búfer de los datos del usuario debido a una falta de comprobación de la longitud del búfer recibida en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Infraestructura cableada Snapdragon y redes • https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin • CWE-125: Out-of-bounds Read •