Vulnerabilidades em Qualcomm, Inc.

2.934 resultados

Análise Vexday

Com 2.934 CVEs catalogadas, a Qualcomm apresenta um volume expressivo de vulnerabilidades, reflexo da amplitude de seu portfólio de chipsets e firmware embarcado. A taxa de exploração ativa — 12 entradas no catálogo KEV da CISA, ou 0,41% do total — está em linha com a média geral do catálogo, indicando que o risco de exploração confirmada não foge do padrão da indústria, embora 94 falhas de severidade crítica representem uma superfície de ataque relevante para equipes de segurança que dependem de componentes Qualcomm em ambientes móveis, automotivos ou de IoT. A CVE mais perigosa atualmente em exploração ativa, CVE-2020-11261, apresenta EPSS de 0,0177, sugerindo probabilidade de exploração adicional relativamente baixa no curto prazo, mas sua presença no KEV exige atenção imediata em qualquer inventário de ativos afetados. O surgimento de 49 novas CVEs nos últimos 90 dias e a disponibilidade de PoCs públicas para 3 vulnerabilidades reforçam a necessidade de ciclos contínuos de atualização de firmware e monitoramento ativo de patches liberados pelo fabricante.

CVE-2020-11157—u'Lack of handling unexpected control messages while encryption was in progress can terminate the connection and thus leading to a DoS' in SEPSS 0.4%CVE-2020-11122—u'Null Pointer exception while playing crafted mkv file as data stream get deleted on secondary invalid configuration' in Snapdragon Auto, SEPSS 0.4%CVE-2014-9947—In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure vulnerability could potentially exist.EPSS 0.4%CVE-2022-25733HIGHNull Pointer Dereference in MODEMEPSS 0.4%CVE-2022-33250HIGHReachable assertion in ModemEPSS 0.4%CVE-2022-40527HIGHReachable Assertion in WLAN Embedded SWEPSS 0.4%CVE-2022-25735HIGHNull Pointer Dereference in MODEMEPSS 0.4%CVE-2022-25691HIGHDenial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon MobileEPSS 0.4%CVE-2022-33244HIGHReachable assertion in ModemEPSS 0.4%CVE-2022-25702HIGHDenial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, SnapdEPSS 0.4%CVE-2022-40535HIGHBuffer Over-read in WLANEPSS 0.4%CVE-2022-25672HIGHDenial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon MobileEPSS 0.4%CVE-2022-33238HIGHTransient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon CoEPSS 0.4%CVE-2022-25692HIGHDenial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, SEPSS 0.4%CVE-2022-33254HIGHReachable assertion in ModemEPSS 0.4%CVE-2022-33272HIGHReachable assertion in ModemEPSS 0.4%CVE-2022-40503HIGHBuffer over-read in Bluetooth Host.EPSS 0.4%CVE-2022-33309HIGHBuiffer over-read in WLAN Firmware.EPSS 0.4%CVE-2022-25734HIGHLoop with Unreachable Exit Condition in MODEMEPSS 0.4%CVE-2022-25689HIGHDenial of service in Modem due to reachable assertion in Snapdragon MobileEPSS 0.4%

← anteriorpágina 50 / 147próxima →