Qualcomm Sd820_firmware
160 CVEs affecting Qualcomm Sd820_firmware. Latest disclosed: 2025-11-04. Critical: 28, High: 117.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-22388 | Critical | 9.8 | 2023-11-07 | Memory Corruption in Multi-mode Call Processor while processing bit mask API. |
CVE-2022-40510 | Critical | 9.8 | 2023-08-08 | Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. |
CVE-2022-25748 | Critical | 9.8 | 2022-10-19 | Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity… |
CVE-2022-25720 | Critical | 9.8 | 2022-10-19 | Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon C… |
CVE-2022-25651 | Critical | 9.8 | 2022-06-14 | Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Indust… |
CVE-2021-1975 | Critical | 9.8 | 2021-11-12 | Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, S… |
CVE-2021-1920 | Critical | 9.8 | 2021-09-08 | Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consu… |
CVE-2021-1919 | Critical | 9.8 | 2021-09-08 | Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity… |
CVE-2021-1916 | Critical | 9.8 | 2021-09-08 | Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdrag… |
CVE-2020-11299 | Critical | 9.8 | 2021-03-17 | Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT… |
CVE-2020-11227 | Critical | 9.8 | 2021-03-17 | Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute… |
CVE-2020-11272 | Critical | 9.8 | 2021-02-22 | Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after… |
CVE-2020-11170 | Critical | 9.8 | 2021-02-22 | Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon… |
CVE-2018-11287 | Critical | 9.8 | 2018-09-20 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 45… |
CVE-2017-18314 | Critical | 9.8 | 2018-09-20 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205… |
CVE-2023-33030 | Critical | 9.3 | 2024-01-02 | Memory corruption in HLOS while running playready use-case. |
CVE-2023-43551 | Critical | 9.1 | 2024-06-03 | Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode C… |
CVE-2022-25718 | Critical | 9.1 | 2022-10-19 | Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consum… |
CVE-2020-11301 | Critical | 9.1 | 2021-09-08 | Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Comput… |
CVE-2020-11159 | Critical | 9.1 | 2021-06-09 | Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapd… |