| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS while handling PS event when Program Service name length offset value is set to 255. |
| Memory corruption while processing API calls to NPU with invalid input. |
| Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. |
| Certain unprivileged processes are able to perform IOCTL calls. |
| Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE. |
| Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. |
| Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. |
| Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. |
| Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. |
| Transient DOS due to improper authorization in Modem |
| Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. |
| Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. |
| Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. |
| Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. |
| Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. |
| Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message. |
| Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. |
| Memory corruption due to configuration weakness in modem wile sending command to write protected files. |
| Memory corruption in modem due to buffer overflow while processing a PPP packet |
| Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
