This page lists publicly disclosed CVE vulnerabilities affecting qualcomm msm8940_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-21626 | Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. | [email protected] | 7.1 | 0.05% | 2023-08-08 | 2026-06-17 |
| CVE-2022-40510 | Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. | [email protected] | 9.8 | 0.36% | 2023-08-08 | 2026-06-17 |
| CVE-2022-33213 | Memory corruption in modem due to buffer overflow while processing a PPP packet | [email protected] | 7.5 | 0.41% | 2023-03-10 | 2026-06-17 |
| CVE-2022-25705 | Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response | [email protected] | 7.8 | 0.06% | 2023-03-10 | 2026-06-17 |
| CVE-2022-25694 | Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM | [email protected] | 8.4 | 0.05% | 2023-03-10 | 2026-06-17 |
| CVE-2022-33233 | Memory corruption due to configuration weakness in modem wile sending command to write protected files. | [email protected] | 7.8 | 0.07% | 2023-02-11 | 2026-06-17 |
| CVE-2022-25695 | Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 8.4 | 0.06% | 2022-12-13 | 2026-06-17 |
| CVE-2022-25682 | Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 8.4 | 0.12% | 2022-12-13 | 2026-06-17 |
| CVE-2022-25719 | Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | [email protected] | 8.2 | 0.46% | 2022-10-19 | 2026-06-17 |
| CVE-2022-25718 | Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | [email protected] | 9.1 | 0.41% | 2022-10-19 | 2026-06-17 |
| CVE-2022-22091 | Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | [email protected] | 7.5 | 0.36% | 2022-09-16 | 2026-06-17 |
| CVE-2022-22062 | An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | [email protected] | 8.2 | 0.28% | 2022-09-02 | 2026-06-17 |
| CVE-2021-35135 | A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 6.2 | 0.11% | 2022-09-02 | 2026-06-16 |
| CVE-2021-35083 | Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 8.2 | 0.48% | 2022-06-14 | 2026-06-16 |
| CVE-2021-35072 | Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 7.8 | 0.16% | 2022-06-14 | 2026-06-16 |
| CVE-2021-30284 | Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 7.5 | 0.59% | 2021-11-12 | 2026-06-16 |
| CVE-2021-30255 | Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 7.8 | 0.15% | 2021-11-12 | 2026-06-16 |
| CVE-2021-30254 | Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 7.8 | 0.15% | 2021-11-12 | 2026-06-16 |
| CVE-2021-1975 | Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 9.8 | 0.84% | 2021-11-12 | 2026-06-16 |
| CVE-2021-1973 | A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | [email protected] | 7.8 | 0.15% | 2021-11-12 | 2026-06-16 |