U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 170 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2022-25651

Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Published: June 14, 2022; 6:15:19 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2022-22065

Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: June 14, 2022; 6:15:18 AM -0400
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2022-22064

Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: June 14, 2022; 6:15:18 AM -0400
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2021-35119

Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Published: June 14, 2022; 6:15:17 AM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-35116

APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published: June 14, 2022; 6:15:17 AM -0400
V3.1: 7.1 HIGH
V2.0: 6.6 MEDIUM
CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: June 14, 2022; 6:15:17 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2021-35085

Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Published: June 14, 2022; 6:15:16 AM -0400
V3.1: 7.1 HIGH
V2.0: 3.6 LOW
CVE-2021-35084

Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Published: June 14, 2022; 6:15:16 AM -0400
V3.1: 7.1 HIGH
V2.0: 3.6 LOW
CVE-2021-35083

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: June 14, 2022; 6:15:16 AM -0400
V3.1: 9.1 CRITICAL
V2.0: 9.4 HIGH
CVE-2021-35078

Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Published: June 14, 2022; 6:15:15 AM -0400
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2021-35071

Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: June 14, 2022; 6:15:15 AM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-30350

Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Published: June 14, 2022; 6:15:15 AM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30349

Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: June 14, 2022; 6:15:15 AM -0400
V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-30344

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: June 14, 2022; 6:15:15 AM -0400
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2021-30342

Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Published: June 14, 2022; 6:15:14 AM -0400
V3.1: 5.9 MEDIUM
V2.0: 7.1 HIGH
CVE-2021-30341

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Published: June 14, 2022; 6:15:14 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2021-30334

Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Published: June 14, 2022; 6:15:14 AM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30281

Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: June 14, 2022; 6:15:14 AM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-35117

An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Published: April 01, 2022; 1:15:07 AM -0400
V3.1: 9.1 CRITICAL
V2.0: 9.4 HIGH
CVE-2021-35106

Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: April 01, 2022; 1:15:07 AM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH