) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2021-1907 |
Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Published: July 13, 2021; 2:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2021-1901 |
Possible buffer over-read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published: July 13, 2021; 2:15:08 AM -0400 |
V3.1: 4.6 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-1899 |
Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Published: July 13, 2021; 2:15:08 AM -0400 |
V3.1: 4.6 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-1898 |
Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published: July 13, 2021; 2:15:08 AM -0400 |
V3.1: 4.6 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-1897 |
Possible Buffer Over-read due to lack of validation of boundary checks when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published: July 13, 2021; 2:15:08 AM -0400 |
V3.1: 4.6 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-1896 |
Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity Published: July 13, 2021; 2:15:08 AM -0400 |
V3.1: 4.3 MEDIUM V2.0: 3.3 LOW |
| CVE-2021-1890 |
Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables Published: July 13, 2021; 2:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2021-1889 |
Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables Published: July 13, 2021; 2:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2021-1888 |
Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables Published: July 13, 2021; 2:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2021-1886 |
Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables Published: July 13, 2021; 2:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2020-11307 |
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Published: July 13, 2021; 2:15:07 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2021-1937 |
Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published: June 09, 2021; 3:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2020-11306 |
Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Published: June 09, 2021; 3:15:08 AM -0400 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2020-11304 |
Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published: June 09, 2021; 3:15:08 AM -0400 |
V3.1: 7.1 HIGH V2.0: 3.6 LOW |
| CVE-2020-11298 |
While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published: June 09, 2021; 3:15:07 AM -0400 |
V3.1: 7.0 HIGH V2.0: 6.9 MEDIUM |
| CVE-2020-11292 |
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published: June 09, 2021; 3:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
| CVE-2020-11291 |
Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile Published: June 09, 2021; 3:15:07 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2020-11267 |
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published: June 09, 2021; 3:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2020-11176 |
While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile Published: June 09, 2021; 3:15:07 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2020-11262 |
A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published: June 09, 2021; 1:15:07 AM -0400 |
V3.1: 7.0 HIGH V2.0: 4.4 MEDIUM |