Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2022-29482 'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-midd... | 3.7 | LOW | β | 0 |
| CVE-2022-29485 Cross-site scripting vulnerability in SHIRASAGI v1.0.0 to v1.14.2, and v1.15.0 allows a remote attacker to inject an arbitrary script via unspecified vectors. | 6.1 | MEDIUM | β | 0 |
| CVE-2022-29506 Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary ... | 7.8 | HIGH | β | 0 |
| CVE-2022-29509 Directory traversal vulnerability in T&D Data Server (Japanese Edition) Ver.2.22 and earlier, T&D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver... | 7.5 | HIGH | β | 0 |
| CVE-2022-29522 Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitra... | 7.8 | HIGH | β | 0 |
| CVE-2022-29524 Out-of-bounds write vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by h... | 7.8 | HIGH | β | 0 |
| CVE-2022-29925 Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/o... | 7.8 | HIGH | β | 0 |
| CVE-2021-30281 Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connecti... | 8.4 | HIGH | β | 0 |
| CVE-2021-30327 Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Conne... | 7.5 | HIGH | β | 0 |
| CVE-2021-35087 Possible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile | 7.5 | HIGH | β | 0 |
| CVE-2021-30334 Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon ... | 8.4 | HIGH | β | 0 |
| CVE-2021-30338 Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Compute | 7.1 | HIGH | β | 0 |
| CVE-2021-30339 Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wire... | 9.0 | CRITICAL | β | 0 |
| CVE-2021-30340 Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobil... | 7.5 | HIGH | β | 0 |
| CVE-2021-30341 Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snap... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-30342 Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snap... | 9.1 | CRITICAL | β | 0 |
| CVE-2021-30343 Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snap... | 9.1 | CRITICAL | β | 0 |
| CVE-2021-30344 Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu... | 7.5 | HIGH | β | 0 |
| CVE-2021-30345 RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networkin... | 6.5 | MEDIUM | β | 0 |
| CVE-2021-30346 RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networkin... | 6.5 | MEDIUM | β | 0 |
| CVE-2021-30347 Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity... | 9.1 | CRITICAL | β | 0 |
| CVE-2021-30350 Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ... | 8.4 | HIGH | β | 0 |
| CVE-2021-35070 RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile | 6.5 | MEDIUM | β | 0 |
| CVE-2021-35071 Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi... | 5.5 | MEDIUM | β | 0 |
| CVE-2021-35072 Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Sna... | 7.8 | HIGH | β | 0 |
| CVE-2021-35073 Possible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 7.5 | HIGH | β | 0 |
| CVE-2022-35470 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x65fc97. | 6.5 | MEDIUM | β | 0 |
| CVE-2021-35076 Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapd... | 7.5 | HIGH | β | 0 |
| CVE-2021-35078 Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer ... | 7.5 | HIGH | β | 0 |
| CVE-2021-35079 Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IO... | 6.2 | MEDIUM | β | 0 |
| CVE-2021-35080 Disabled SMMU from secure side while RPM is assigned a secure stream can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 6.5 | MEDIUM | β | 0 |
| CVE-2021-35086 Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial ... | 7.5 | HIGH | β | 0 |
| CVE-2021-35081 Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdr... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-35082 Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC security mode command packet has been received in Snapdragon Industrial IOT | 9.1 | CRITICAL | β | 0 |
| CVE-2021-35083 Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electron... | 8.2 | HIGH | β | 0 |
| CVE-2021-35084 Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Sn... | 5.5 | MEDIUM | β | 0 |
| CVE-2021-35085 Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon M... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-35471 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b0. | 6.5 | MEDIUM | β | 0 |
| CVE-2021-35090 Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdrago... | 9.3 | CRITICAL | β | 0 |
| CVE-2021-35091 Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile | 8.4 | HIGH | β | 0 |
| CVE-2021-35092 Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Con... | 6.7 | MEDIUM | β | 0 |
| CVE-2021-35094 Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Indus... | 7.8 | HIGH | β | 0 |
| CVE-2021-35114 Improper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto | 8.4 | HIGH | β | 0 |
| CVE-2021-35095 Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobil... | 8.4 | HIGH | β | 0 |
| CVE-2021-35096 Improper memory allocation during counter check DLM handling can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 7.5 | HIGH | β | 0 |
| CVE-2021-35098 Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I... | 6.7 | MEDIUM | β | 0 |
| CVE-2021-35100 Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indust... | 7.5 | HIGH | β | 0 |
| CVE-2021-40660 An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is an ReDoS vulnerability that can be exploited to launching a denial of service (DoS) attack. | 7.5 | HIGH | β | 0 |
| CVE-2021-35101 Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile | 7.1 | HIGH | β | 0 |
| CVE-2021-35102 Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | 7.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.