CVE-2018-11816

all versions

Crafted Binder Request Causes Heap UAF in MediaServer

7.8HIGH

CVE-2017-18153

all versions

A race condition exists in a driver potentially leading to a use-after-free condition.

8.4HIGH

CVE-2023-43551

all versions

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immedia

9.1CRITICAL

CVE-2023-33066

all versions

Memory corruption in Audio while processing RT proxy port register driver.

8.4HIGH

CVE-2023-33018

all versions

Memory corruption while using the UIM diag command to get the operators name.

7.8HIGH

CVE-2023-24849

all versions

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

8.2HIGH

CVE-2023-24848

all versions

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

8.2HIGH

CVE-2022-40521

all versions

Transient DOS due to improper authorization in Modem

7.5HIGH

CVE-2022-33264

all versions

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

7.9HIGH

CVE-2022-33302

all versions

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command le

6.8MEDIUM

CVE-2022-33289

all versions

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8MEDIUM

CVE-2022-33213

all versions

Memory corruption in modem due to buffer overflow while processing a PPP packet

7.5HIGH

CVE-2022-25694

all versions

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

8.4HIGH

CVE-2022-25682

all versions

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Sn

8.4HIGH

CVE-2022-25720

all versions

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdrag

9.8CRITICAL

CVE-2021-30344

all versions

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Comp

7.5HIGH

CVE-2021-35115

all versions

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

8.4HIGH

CVE-2021-30293

all versions

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Conne

7.5HIGH

CVE-2021-30273

all versions

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, S

7.5HIGH

CVE-2021-30270

all versions

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Sn

7.3HIGH

CVE-2021-30268

all versions

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Sna

7.8HIGH

CVE-2021-30284

all versions

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto

7.5HIGH

CVE-2021-1975

all versions

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Comput

9.8CRITICAL

CVE-2021-1973

all versions

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit

7.8HIGH

CVE-2021-30261

all versions

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from

8.4HIGH

CVE-2021-1972

all versions

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snap

9.8CRITICAL

CVE-2021-1920

all versions

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon C

9.8CRITICAL

CVE-2021-1916

all versions

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto,

9.8CRITICAL

CVE-2021-1955

all versions

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon

7.5HIGH

CVE-2020-11292

all versions

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapd

7.8HIGH

CVE-2020-11279

all versions

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,

7.5HIGH

CVE-2020-11251

all versions

Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon A

8.2HIGH

CVE-2020-11191

all versions

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,

8.2HIGH

CVE-2020-11171

all versions

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

9.1CRITICAL

CVE-2020-11166

all versions

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in

9.1CRITICAL

CVE-2020-11177

all versions

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc

8.8HIGH

CVE-2020-11170

all versions

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i

9.8CRITICAL