Qcs404 firmware

This hub aggregates every CVE we track for Qcs404 firmware, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Qcs404 firmware.

• CVE-2021-30327Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Co...7.5Jun 14, 2022
• CVE-2020-3704u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral system enter into dead lock state.(This CVE is equivalent t...7.5Nov 2, 2020
• CVE-2020-3703u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overf...9.8Nov 2, 2020
• CVE-2020-3690u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT...7.8Nov 2, 2020
• CVE-2020-3684u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, ...7.8Nov 2, 2020
• CVE-2020-3678u'A buffer overflow could occur if the API is improperly used due to UIE init does not contain a buffer size a param' in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...7.8Nov 2, 2020
• CVE-2020-3638u'An Unaligned address or size can propagate to the database due to improper page permissions and can lead to improper access control' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit...7.8Nov 2, 2020
• CVE-2020-11174u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IO...7.8Nov 2, 2020
• CVE-2020-11173u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdrag...7.0Nov 2, 2020
• CVE-2020-11162u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snap...7.8Nov 2, 2020
• CVE-2020-11156u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap packet received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna...8.1Nov 2, 2020
• CVE-2020-11125u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrag...7.8Nov 2, 2020
• CVE-2020-3679u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Sna...5.5Sep 9, 2020
• CVE-2020-11124u'Possible use-after-free while accessing diag client map table since list can be reallocated due to exceeding max client limit.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Sn...7.8Sep 9, 2020
• CVE-2020-3675u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon C...9.8Sep 8, 2020