U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:h:qualcomm:fsm10055:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 119 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

Published: December 04, 2023; 10:15:09 PM -0500 		V3.1: 7.8 HIGH
 V2.0:(not available)
CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

Published: December 04, 2023; 10:15:08 PM -0500 		V3.1: 7.8 HIGH
 V2.0:(not available)
CVE-2023-24847

Transient DOS in Modem while allocating DSM items.

Published: October 03, 2023; 2:15:22 AM -0400 		V3.1: 7.5 HIGH
 V2.0:(not available)
CVE-2022-40504

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

Published: May 02, 2023; 4:15:09 AM -0400 		V3.1: 7.5 HIGH
 V2.0:(not available)
CVE-2022-33213

Memory corruption in modem due to buffer overflow while processing a PPP packet

Published: March 10, 2023; 4:15:11 PM -0500 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

Published: February 11, 2023; 11:15:14 PM -0500 		V3.1: 7.8 HIGH
 V2.0:(not available)
CVE-2022-25702

Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published: December 13, 2022; 11:15:18 AM -0500 		V3.1: 7.5 HIGH
 V2.0:(not available)
CVE-2022-25695

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: December 13, 2022; 11:15:18 AM -0500 		V3.1: 7.8 HIGH
 V2.0:(not available)
CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: June 14, 2022; 6:15:17 AM -0400 		V3.1: 9.8 CRITICAL
 V2.0: 10.0 HIGH
CVE-2021-35100

Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: June 14, 2022; 6:15:16 AM -0400 		V3.1: 7.5 HIGH
 V2.0: 7.8 HIGH
CVE-2021-35071

Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: June 14, 2022; 6:15:15 AM -0400 		V3.1: 5.5 MEDIUM
 V2.0: 2.1 LOW
CVE-2021-30349

Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: June 14, 2022; 6:15:15 AM -0400 		V3.1: 6.7 MEDIUM
 V2.0: 7.2 HIGH
CVE-2021-30342

Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Published: June 14, 2022; 6:15:14 AM -0400 		V3.1: 5.9 MEDIUM
 V2.0: 7.1 HIGH
CVE-2021-30334

Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Published: June 14, 2022; 6:15:14 AM -0400 		V3.1: 7.8 HIGH
 V2.0: 7.2 HIGH
CVE-2021-30281

Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: June 14, 2022; 6:15:14 AM -0400 		V3.1: 7.8 HIGH
 V2.0: 7.2 HIGH
CVE-2021-35106

Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: April 01, 2022; 1:15:07 AM -0400 		V3.1: 7.8 HIGH
 V2.0: 7.2 HIGH
CVE-2021-35105

Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: April 01, 2022; 1:15:07 AM -0400 		V3.1: 7.8 HIGH
 V2.0: 7.2 HIGH
CVE-2021-35088

Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: April 01, 2022; 1:15:07 AM -0400 		V3.1: 9.1 CRITICAL
 V2.0: 6.4 MEDIUM
CVE-2021-30331

Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published: April 01, 2022; 1:15:07 AM -0400 		V3.1: 5.5 MEDIUM
 V2.0: 2.1 LOW
CVE-2021-1942

Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: April 01, 2022; 1:15:06 AM -0400 		V3.1: 8.8 HIGH
 V2.0: 7.2 HIGH