threat
engine
.sh
Back
·
··:··
Home
/
Product
/
qualcomm qca6694 firmware
Product
qualcomm qca6694 firmware
80 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-27074
all versions
Memory corruption while processing a GP command response.
8.8
HIGH
CVE-2025-27040
all versions
Information disclosure may occur while processing the hypervisor log.
6.5
MEDIUM
CVE-2024-33056
all versions
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
8.4
HIGH
CVE-2023-28565
all versions
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
7.8
HIGH
CVE-2022-22076
all versions
information disclosure due to cryptographic issue in Core during RPMB read request.
7.1
HIGH
CVE-2022-33286
all versions
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
7.5
HIGH
CVE-2022-33239
all versions
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto
7.5
HIGH
CVE-2022-33237
all versions
Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Sna
7.5
HIGH
CVE-2022-25749
all versions
Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Sna
7.5
HIGH
CVE-2022-25690
all versions
Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Au
7.5
HIGH
CVE-2021-30284
all versions
Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto
7.5
HIGH
CVE-2021-30266
all versions
Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon
6.7
MEDIUM
CVE-2021-30264
all versions
Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon
6.7
MEDIUM
CVE-2021-30255
all versions
Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapd
7.8
HIGH
CVE-2021-30254
all versions
Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdra
7.8
HIGH
CVE-2021-1975
all versions
Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Comput
9.8
CRITICAL
CVE-2021-1973
all versions
A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit
7.8
HIGH
CVE-2021-1924
all versions
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon
9.0
CRITICAL
CVE-2021-30288
all versions
Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Sn
8.4
HIGH
CVE-2021-1980
all versions
Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Sna
7.5
HIGH
CVE-2021-1959
all versions
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi
7.8
HIGH
CVE-2021-30261
all versions
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from
8.4
HIGH
CVE-2021-30260
all versions
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist
8.4
HIGH
CVE-2021-1976
all versions
A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Com
9.8
CRITICAL
CVE-2021-1971
all versions
Possible assertion due to lack of physical layer state validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,
7.5
HIGH
CVE-2021-1948
all versions
Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snap
7.5
HIGH
CVE-2021-1941
all versions
Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute,
7.5
HIGH
CVE-2021-1935
all versions
Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdra
7.1
HIGH
CVE-2021-1909
all versions
Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, S
7.3
HIGH
CVE-2021-1972
all versions
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snap
9.8
CRITICAL
CVE-2021-1928
all versions
Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdra
4.6
MEDIUM
CVE-2021-1920
all versions
Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon C
9.8
CRITICAL
CVE-2021-1919
all versions
Integer underflow can occur when the RTCP length is lesser than the actual blocks present in Snapdragon Auto, Snapdragon Comp
9.8
CRITICAL
CVE-2021-1916
all versions
Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto,
9.8
CRITICAL
CVE-2021-1914
all versions
Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Comput
7.5
HIGH
CVE-2021-1964
all versions
Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdrag
7.5
HIGH
CVE-2021-1945
all versions
Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Conn
7.5
HIGH
CVE-2021-1890
all versions
Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon
8.4
HIGH
CVE-2021-1889
all versions
Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Con
8.4
HIGH
CVE-2021-1888
all versions
Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon
8.4
HIGH
CVE-2021-1886
all versions
Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapd
8.4
HIGH
CVE-2020-11292
all versions
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapd
7.8
HIGH
CVE-2020-11267
all versions
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdra
8.4
HIGH
CVE-2020-11241
all versions
Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Sn
7.5
HIGH
CVE-2020-11238
all versions
Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute,
7.5
HIGH
CVE-2020-11235
all versions
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag
7.8
HIGH
CVE-2020-11159
all versions
Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame po
9.1
CRITICAL
CVE-2020-11134
all versions
Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN rangin
9.8
CRITICAL
CVE-2020-11126
all versions
Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon
9.1
CRITICAL
CVE-2021-1915
all versions
Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute,
7.8
HIGH
CVE-2020-11293
all versions
Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length rece
5.1
MEDIUM
CVE-2020-11289
all versions
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute,
7.8
HIGH
CVE-2020-11285
all versions
Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon
8.2
HIGH
CVE-2020-11279
all versions
Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,
7.5
HIGH
CVE-2020-11251
all versions
Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon A
8.2
HIGH
CVE-2020-11191
all versions
Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,
8.2
HIGH
CVE-2020-11227
all versions
Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdrag
9.8
CRITICAL
CVE-2020-11226
all versions
Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Comp
7.5
HIGH
CVE-2020-11221
all versions
Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insuffi
5.5
MEDIUM
CVE-2020-11199
all versions
HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in
5.5
MEDIUM
CVE-2020-11192
all versions
Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapd
9.8
CRITICAL
CVE-2020-11190
all versions
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna
9.1
CRITICAL
CVE-2020-11189
all versions
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna
9.1
CRITICAL
CVE-2020-11188
all versions
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna
9.1
CRITICAL
CVE-2020-11171
all versions
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna
9.1
CRITICAL
CVE-2020-11166
all versions
Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in
9.1
CRITICAL
CVE-2020-11297
all versions
Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto,
7.5
HIGH
CVE-2020-11296
all versions
Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snap
7.5
HIGH
CVE-2020-11280
all versions
Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due
7.5
HIGH
CVE-2020-11278
all versions
Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snap
7.5
HIGH
CVE-2020-11276
all versions
Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation
9.1
CRITICAL
CVE-2020-11275
all versions
Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapd
9.1
CRITICAL
CVE-2020-11272
all versions
Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version
9.8
CRITICAL
CVE-2020-11270
all versions
Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM
7.5
HIGH
CVE-2020-11269
all versions
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut
8.8
HIGH
CVE-2020-11204
all versions
Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for par
7.8
HIGH
CVE-2020-11195
all versions
Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffe
7.8
HIGH
CVE-2020-11177
all versions
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc
8.8
HIGH
CVE-2020-11170
all versions
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i
9.8
CRITICAL
CVE-2020-11119
all versions
Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdra
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin