U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 633 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2021-30337

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: January 03, 2022; 3:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30335

Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: January 03, 2022; 3:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30289

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: January 03, 2022; 3:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30273

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Published: January 03, 2022; 3:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2021-30272

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: January 03, 2022; 3:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30271

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: January 03, 2022; 3:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30270

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: January 03, 2022; 3:15:07 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30268

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: January 03, 2022; 3:15:07 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30262

Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: January 03, 2022; 3:15:07 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-30284

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: November 12, 2021; 2:15:07 AM -0500 		V4.0:(not available)
 V3.1: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2021-30255

Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: November 12, 2021; 2:15:07 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30254

Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: November 12, 2021; 2:15:07 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-1975

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Published: November 12, 2021; 2:15:07 AM -0500 		V4.0:(not available)
 V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2021-1973

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: November 12, 2021; 2:15:07 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: November 12, 2021; 2:15:07 AM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-1959

Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: October 20, 2021; 3:15:07 AM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-1949

Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Published: October 20, 2021; 3:15:07 AM -0400 		V4.0:(not available)
 V3.1: 8.4 HIGH
V2.0: 7.2 HIGH
CVE-2021-1936

Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Published: October 20, 2021; 3:15:07 AM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2021-30261

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: September 17, 2021; 3:15:09 AM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-1976

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: September 17, 2021; 3:15:08 AM -0400 		V4.0:(not available)
 V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH