Total
127 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11178 | 1 Qualcomm | 574 Aqt1000, Aqt1000 Firmware, Ar8031 and 571 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11177 | 1 Qualcomm | 814 Apq8009, Apq8009 Firmware, Apq8009w and 811 more | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
| User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11166 | 1 Qualcomm | 816 Apq8009, Apq8009 Firmware, Apq8009w and 813 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11145 | 1 Qualcomm | 413 Apq8009, Apq8009w, Apq8017 and 410 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11144 | 1 Qualcomm | 414 Apq8009, Apq8009w, Apq8017 and 411 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2024-23385 | 1 Qualcomm | 188 205 Mobile Platform, 205 Mobile Platform Firmware, Apq8017 and 185 more | 2024-11-07 | N/A | 7.5 HIGH |
| Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. | |||||
| CVE-2024-33045 | 1 Qualcomm | 360 Ar8035, Ar8035 Firmware, Csra6620 and 357 more | 2024-09-04 | N/A | 8.4 HIGH |
| Memory corruption when BTFM client sends new messages over Slimbus to ADSP. | |||||