) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:h:qualcomm:qca1990:-:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-43511 |
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Published: January 02, 2024; 1:15:13 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-28565 |
Memory corruption in WLAN HAL while handling command streams through WMI interfaces. Published: September 05, 2023; 3:15:14 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-28560 |
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. Published: September 05, 2023; 3:15:13 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-21628 |
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. Published: June 06, 2023; 4:15:11 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-40532 |
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. Published: April 13, 2023; 3:15:20 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-25655 |
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. Published: March 10, 2023; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-40512 |
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. Published: February 11, 2023; 11:15:15 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-25719 |
Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published: October 19, 2022; 7:15:10 AM -0400 |
V4.0:(not available) V3.1: 9.1 CRITICAL V2.0:(not available) |
| CVE-2022-25718 |
Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published: October 19, 2022; 7:15:10 AM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2021-1924 |
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published: November 12, 2021; 2:15:07 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-1959 |
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published: October 20, 2021; 3:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2020-11303 |
Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published: October 20, 2021; 3:15:07 AM -0400 |
V4.0:(not available) V3.1: 8.6 HIGH V2.0: 5.0 MEDIUM |
| CVE-2021-30261 |
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published: September 17, 2021; 3:15:09 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2021-30260 |
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published: September 17, 2021; 3:15:09 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2021-1909 |
Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published: September 09, 2021; 4:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2021-1920 |
Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables Published: September 08, 2021; 8:15:07 AM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2021-1916 |
Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables Published: September 08, 2021; 8:15:07 AM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2020-11292 |
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published: June 09, 2021; 3:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2020-11235 |
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published: June 09, 2021; 1:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2020-11159 |
Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published: June 09, 2021; 1:15:07 AM -0400 |
V4.0:(not available) V3.1: 9.1 CRITICAL V2.0: 9.4 HIGH |