Vulnerabilidades en Qualcomm, Inc.

2934 resultados
Análisis Vexday

Com 2.934 CVEs catalogadas, a Qualcomm apresenta um volume expressivo de vulnerabilidades, reflexo da amplitude de seu portfólio de chipsets e firmware embarcado. A taxa de exploração ativa — 12 entradas no catálogo KEV da CISA, ou 0,41% do total — está em linha com a média geral do catálogo, indicando que o risco de exploração confirmada não foge do padrão da indústria, embora 94 falhas de severidade crítica representem uma superfície de ataque relevante para equipes de segurança que dependem de componentes Qualcomm em ambientes móveis, automotivos ou de IoT. A CVE mais perigosa atualmente em exploração ativa, CVE-2020-11261, apresenta EPSS de 0,0177, sugerindo probabilidade de exploração adicional relativamente baixa no curto prazo, mas sua presença no KEV exige atenção imediata em qualquer inventário de ativos afetados. O surgimento de 49 novas CVEs nos últimos 90 dias e a disponibilidade de PoCs públicas para 3 vulnerabilidades reforçam a necessidade de ciclos contínuos de atualização de firmware e monitoramento ativo de patches liberados pelo fabricante.

CVE-2021-30258HIGHPossible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute, SnapdragEPSS 0.2%CVE-2021-30308HIGHPossible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, SnapdEPSS 0.2%CVE-2021-30256HIGHPossible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute, SnapdrEPSS 0.2%CVE-2022-22084HIGHMemory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon ConnEPSS 0.2%CVE-2021-1984HIGHPossible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon Compute,EPSS 0.2%CVE-2022-22103HIGHMemory corruption in multimedia driver due to double free while processing data from user in Snapdragon AutoEPSS 0.2%CVE-2021-30345MEDIUMRPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, SnapdraEPSS 0.2%CVE-2024-23354HIGHUse After Free in Graphics LinuxEPSS 0.2%CVE-2018-11985In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user sEPSS 0.2%CVE-2021-30346MEDIUMRPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, SnapdraEPSS 0.2%CVE-2023-28579MEDIUMBuffer Copy Without Checking Size of Input in WLAN HostEPSS 0.2%CVE-2023-28580MEDIUMBuffer Copy Without Checking Size of Input in WLAN HostEPSS 0.2%CVE-2023-33024MEDIUMBuffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Radio Interface LayerEPSS 0.2%CVE-2021-1894HIGHImproper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, SEPSS 0.2%CVE-2021-30319HIGHPossible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, SnapdragoEPSS 0.2%CVE-2017-11030In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the HDMI video driver funEPSS 0.2%CVE-2017-9689In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a specially-crafted HDMI CECEPSS 0.2%CVE-2017-11033In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the coresight-tmc driver,EPSS 0.2%CVE-2017-14896In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocationEPSS 0.2%CVE-2021-30336HIGHPossible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon EPSS 0.2%