| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking |
| Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
| Information exposure in DSP services due to improper handling of freeing memory |
| Memory corruption in video driver due to type confusion error during video playback |
| Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content. |
| Memory corruption in display due to double free while allocating frame buffer memory |
| Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields |
| Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote |
| Denial of service while processing fastboot flash command on mmc due to buffer over read |
| Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device. |
| Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM |
| Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. |
| Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers. |
| Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. |
| Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. |
| Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload. |
| Memory corruption while processing API calls to NPU with invalid input. |
| Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. |
| Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present. |
| Memory corruption when allocating and accessing an entry in an SMEM partition continuously. |
