qualcomm

csra6620_firmware

436 known vulnerabilities · sorted by CVSS score

CVE-2022-40510

CRITICAL9.8

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

qualcomm / apq8009_firmware+203

Network

Published Aug 8, 2023

Page 1 of 22

CVE-2023-22388

CRITICAL9.8

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

qualcomm / 315_5g_iot_modem_firmware+231

Network

Published Nov 7, 2023

CVE-2020-11170

CRITICAL9.8

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+506

Network

Published Feb 22, 2021

CVE-2022-25720

CRITICAL9.8

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

qualcomm / apq8009_firmware+184

Network

Published Oct 19, 2022

CVE-2022-25748

CRITICAL9.8

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+272

Network

Published Oct 19, 2022

CVE-2022-25651

CRITICAL9.8

Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

qualcomm / apq8009_firmware+51

Network

Published Jun 14, 2022

CVE-2021-1972

CRITICAL9.8

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+276

Network

Published Sep 8, 2021

CVE-2022-25727

CRITICAL9.8

Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

qualcomm / ar8031_firmware+20

Network

Published Nov 15, 2022

CVE-2020-11272

CRITICAL9.8

Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

qualcomm / apq8009_firmware+347

Network

Published Feb 22, 2021

CVE-2022-22088

CRITICAL9.8

Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote

qualcomm / apq8009_firmware+149

Network

Published Jan 9, 2023

CVE-2022-25729

CRITICAL9.8

Memory corruption in modem due to improper length check while copying into memory

qualcomm / ar8031_firmware+29

Network

Published Feb 12, 2023

CVE-2020-11134

CRITICAL9.8

Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

qualcomm / aqt1000_firmware+324

Network

Published Jun 9, 2021

CVE-2021-35104

CRITICAL9.8

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009w_firmware+175

Network

Published Jun 14, 2022

CVE-2021-1976

CRITICAL9.8

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+246

Network

Published Sep 17, 2021

CVE-2022-40514

CRITICAL9.8

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

qualcomm / aqt1000_firmware+228

Network

Published Feb 12, 2023

CVE-2021-30351

CRITICAL9.8

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

qualcomm / apq8009_firmware+195

Network

Published Jan 3, 2022

CVE-2020-11299

CRITICAL9.8

Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

qualcomm / apq8009_firmware+380

Network

Published Mar 17, 2021

CVE-2022-22105

CRITICAL9.4

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music

qualcomm / apq8009_firmware+50

Network

Published Sep 16, 2022

CVE-2022-33257

CRITICAL9.3

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

qualcomm / aqt1000_firmware+139

Local

Published Mar 10, 2023

CVE-2021-30275

CRITICAL9.3

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

qualcomm / ar8031_firmware+126

Local

Published Jan 3, 2022