threat
engine
.sh
Back
·
··:··
Home
/
Product
/
qualcomm mdm9215 firmware
Product
qualcomm mdm9215 firmware
58 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-33051
all versions
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
7.5
HIGH
CVE-2023-33066
all versions
Memory corruption in Audio while processing RT proxy port register driver.
8.4
HIGH
CVE-2023-33080
all versions
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
7.5
HIGH
CVE-2023-33018
all versions
Memory corruption while using the UIM diag command to get the operators name.
7.8
HIGH
CVE-2023-24849
all versions
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
8.2
HIGH
CVE-2023-24848
all versions
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
8.2
HIGH
CVE-2023-28565
all versions
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
7.8
HIGH
CVE-2023-21628
all versions
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
8.4
HIGH
CVE-2022-40521
all versions
Transient DOS due to improper authorization in Modem
7.5
HIGH
CVE-2022-33264
all versions
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
7.9
HIGH
CVE-2022-40532
all versions
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
8.4
HIGH
CVE-2022-33302
all versions
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command le
6.8
MEDIUM
CVE-2022-33289
all versions
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
6.8
MEDIUM
CVE-2022-33213
all versions
Memory corruption in modem due to buffer overflow while processing a PPP packet
7.5
HIGH
CVE-2022-25694
all versions
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
8.4
HIGH
CVE-2022-25655
all versions
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
8.4
HIGH
CVE-2022-40512
all versions
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
7.5
HIGH
CVE-2022-33286
all versions
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
7.5
HIGH
CVE-2022-33285
all versions
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
7.5
HIGH
CVE-2022-33238
all versions
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Sna
7.5
HIGH
CVE-2022-25682
all versions
Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Sn
8.4
HIGH
CVE-2022-33239
all versions
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto
7.5
HIGH
CVE-2022-25749
all versions
Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Sna
7.5
HIGH
CVE-2022-25748
all versions
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Comp
9.8
CRITICAL
CVE-2022-25736
all versions
Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Comput
7.5
HIGH
CVE-2022-25720
all versions
Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdrag
9.8
CRITICAL
CVE-2022-25718
all versions
Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Co
9.1
CRITICAL
CVE-2021-30344
all versions
Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Comp
7.5
HIGH
CVE-2021-35115
all versions
Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile
8.4
HIGH
CVE-2021-30293
all versions
Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Conne
7.5
HIGH
CVE-2021-30273
all versions
Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, S
7.5
HIGH
CVE-2021-30270
all versions
Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Sn
7.3
HIGH
CVE-2021-30268
all versions
Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Sna
7.8
HIGH
CVE-2021-30284
all versions
Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto
7.5
HIGH
CVE-2021-1975
all versions
Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Comput
9.8
CRITICAL
CVE-2021-1973
all versions
A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit
7.8
HIGH
CVE-2020-11303
all versions
Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapd
8.6
HIGH
CVE-2021-30261
all versions
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from
8.4
HIGH
CVE-2021-30260
all versions
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist
8.4
HIGH
CVE-2021-1972
all versions
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snap
9.8
CRITICAL
CVE-2021-1920
all versions
Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon C
9.8
CRITICAL
CVE-2021-1916
all versions
Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto,
9.8
CRITICAL
CVE-2020-11301
all versions
Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapd
9.1
CRITICAL
CVE-2021-1955
all versions
Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon
7.5
HIGH
CVE-2020-11292
all versions
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapd
7.8
HIGH
CVE-2020-11235
all versions
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag
7.8
HIGH
CVE-2020-11159
all versions
Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame po
9.1
CRITICAL
CVE-2020-11279
all versions
Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,
7.5
HIGH
CVE-2020-11251
all versions
Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon A
8.2
HIGH
CVE-2020-11191
all versions
Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,
8.2
HIGH
CVE-2020-11166
all versions
Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in
9.1
CRITICAL
CVE-2020-11296
all versions
Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snap
7.5
HIGH
CVE-2020-11276
all versions
Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation
9.1
CRITICAL
CVE-2020-11275
all versions
Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapd
9.1
CRITICAL
CVE-2020-11269
all versions
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut
8.8
HIGH
CVE-2020-11177
all versions
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc
8.8
HIGH
CVE-2020-11170
all versions
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i
9.8
CRITICAL
CVE-2020-11119
all versions
Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdra
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin