Skip to main content

Mdm9650 Firmware

318 CVEs product

Monthly

CVE-2025-27074 HIGH This Month

Memory corruption while processing a GP command response. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8064au Firmware Csr8811 Firmware Immersive Home 214 Platform Firmware Immersive Home 216 Platform Firmware +91
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-21482 HIGH This Month

Cryptographic issue while performing RSA PKCS padding decoding. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +283
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-27062 HIGH This Month

Memory corruption while handling client exceptions, allowing unauthorized channel access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware Ar8035 Firmware +149
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-45562 MEDIUM PATCH This Month

Memory corruption during concurrent access to server info object due to unprotected critical field. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow C V2x 9150 Firmware Fastconnect 6800 Firmware +76
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2025-21429 HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Sa9000p Firmware Sd626 Firmware Sd660 Firmware Sd670 Firmware +178
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-21428 HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 439 Mobile Platform Firmware Snapdragon 625 Mobile Platform Firmware Snapdragon 626 Mobile Platform Firmware Snapdragon 632 Mobile Platform Firmware +65
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-43066 HIGH This Week

Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Memory Corruption Buffer Overflow Csrb31024 Firmware Fastconnect 6200 Firmware +96
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33056 HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +319
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38423 HIGH PATCH This Week

Memory corruption while processing GPU page table switch. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8835 Firmware Wsa8830 Firmware Wsa8815 Firmware Wsa8810 Firmware +199
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38422 HIGH PATCH This Week

Memory corruption while processing voice packet with arbitrary data received from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +259
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33060 HIGH PATCH This Week

Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Firmware Aqt1000 Firmware +241
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33051 HIGH This Week

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware 9206 Lte Firmware Apq8017 Firmware Aqt1000 Firmware +278
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33014 HIGH PATCH This Week

Transient DOS while parsing ESP IE from beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +315
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23373 HIGH PATCH This Week

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware Aqt1000 Firmware +218
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23368 HIGH PATCH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +337
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21461 HIGH This Week

Memory corruption while performing finish HMAC operation when context is freed by keymaster. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Apq8017 Firmware Apq8037 Firmware +307
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21471 HIGH PATCH This Week

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Ar8035 Firmware C V2x 9150 Firmware +167
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21468 HIGH PATCH This Week

Memory corruption when there is failed unmap operation in GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +223
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-43511 HIGH This Week

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8064au Firmware +346
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33120 HIGH This Week

Memory corruption in Audio when memory map command is executed consecutively in ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware Qcm8550 Firmware Qcs8250 Firmware +225
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33113 HIGH This Week

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +118
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2023-33112 HIGH This Week

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +118
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33033 HIGH This Week

Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware +256
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2023-33030 CRITICAL Act Now

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +289
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2023-33107 HIGH KEV PATCH THREAT This Week

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware Apq8064au Firmware +233
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-33080 HIGH This Week

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8064au Firmware +361
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33063 HIGH KEV PATCH THREAT This Week

Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware Apq8017 Firmware +278
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-33017 HIGH This Week

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +272
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28586 MEDIUM This Month

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware +304
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-28546 HIGH This Week

Memory Corruption in SPS Application while exporting public key in sorter TA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Apq8017 Firmware Apq8037 Firmware +270
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33059 HIGH PATCH This Week

Memory corruption in Audio while processing the VOC packet data from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware +255
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33031 HIGH PATCH This Week

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +160
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28563 MEDIUM This Month

Information disclosure in IOE Firmware while handling WMI command. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +226
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-33035 HIGH PATCH This Week

Memory corruption while invoking callback function of AFE from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware +139
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28571 MEDIUM PATCH This Month

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Apq8064au Firmware Csrb31024 Firmware Qca6390 Firmware +82
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-24849 HIGH This Week

Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +233
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33021 HIGH PATCH This Week

Memory corruption in Graphics while processing user packets for command submission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Apq8064au Firmware Aqt1000 Firmware +161
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33020 HIGH PATCH This Week

Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass 9206 Lte Firmware Apq8017 Firmware Apq8052 Firmware Apq8056 Firmware +78
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33019 HIGH PATCH This Week

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass 9206 Lte Firmware Apq8017 Firmware Apq8052 Firmware Apq8056 Firmware +78
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28565 HIGH This Week

Memory corruption in WLAN HAL while handling command streams through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 9205 Lte Firmware Apq8017 Firmware Apq8064au Firmware Apq8076 Firmware +288
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28564 HIGH This Week

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Aqt1000 Firmware Ar8031 Firmware Ar9380 Firmware +244
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21649 HIGH PATCH This Week

Memory corruption in WLAN while running doDriverCmd for an unspecific command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8096Au Firmware Aqt1000 Firmware Mdm9628 Firmware Mdm9650 Firmware +61
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21625 HIGH This Week

Information disclosure in Network Services due to buffer over-read while the device receives DNS response. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8037 Firmware +43
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28542 HIGH PATCH This Week

Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +179
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28541 HIGH PATCH This Week

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware Ar9380 Firmware C V2x 9150 Firmware +194
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21629 MEDIUM This Month

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5G Firmware Apq8017 Firmware Apq8037 Firmware Aqt1000 Firmware +203
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2023-21657 HIGH PATCH This Week

Memoru corruption in Audio when ADSP sends input during record use case. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware Wcn3998 Firmware +122
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21628 HIGH This Week

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +279
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21666 HIGH PATCH This Week

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Buffer Overflow Wcn3998 Firmware Qca6390 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +161
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-21665 HIGH PATCH This Week

Memory corruption in Graphics while importing a file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8052 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33238 HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8064au Firmware +281
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25695 HIGH This Week

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sm7250p Firmware Qcs6125 Firmware Sd855 Firmware Qcs610 Firmware Sd660 Firmware +194
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25682 HIGH This Week

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +201
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25677 HIGH PATCH This Week

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Qualcomm Buffer Overflow Use After Free Memory Corruption +143
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-33239 HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8096Au Firmware +231
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25743 HIGH PATCH This Week

Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Qualcomm Use After Free Buffer Overflow Memory Corruption Apq8009 Firmware +188
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25724 HIGH PATCH This Week

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +198
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25710 HIGH This Week

Denial of service due to null pointer dereference when GATT is disconnected in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware +60
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25749 HIGH This Week

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +274
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25748 CRITICAL Act Now

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +271
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-25720 CRITICAL PATCH Act Now

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +182
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-25718 CRITICAL Act Now

Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Apq8009 Firmware Apq8009W Firmware Apq8016 Firmware +139
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-25687 CRITICAL Act Now

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +178
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2022-25666 MEDIUM PATCH This Month

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption Qualcomm Use After Free +148
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-25664 MEDIUM This Month

Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Apq8009 Firmware Apq8052 Firmware Apq8053 Firmware +107
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-22058 HIGH PATCH This Week

Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption Qualcomm Use After Free +79
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-25690 HIGH This Week

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Apq8096Au Firmware Aqt1000 Firmware Ar8031 Firmware +149
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25688 CRITICAL Act Now

Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +147
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2022-25670 HIGH PATCH This Week

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Qualcomm Denial Of Service Buffer Overflow Apq8009 Firmware +125
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-25669 HIGH This Week

Denial of service in video due to buffer over read while parsing MP4 clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Denial Of Service Buffer Overflow Apq8009 Firmware +140
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25654 MEDIUM PATCH This Month

Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Qualcomm Buffer Overflow Apq8096Au Firmware Mdm9650 Firmware +19
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-22105 CRITICAL Act Now

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +49
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-22074 HIGH This Week

Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware +152
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25668 CRITICAL Act Now

Memory corruption in video driver due to double free while parsing ASF clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +143
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2022-25659 CRITICAL Act Now

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +151
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2022-25658 CRITICAL Act Now

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +142
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2022-22080 HIGH PATCH This Week

Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Qualcomm Buffer Overflow Apq8053 Firmware Apq8096Au Firmware +110
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-22070 HIGH This Week

Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow Aqt1000 Firmware Ar8031 Firmware +143
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-22062 CRITICAL Act Now

An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware +197
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2022-25651 CRITICAL Act Now

Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +50
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-22087 CRITICAL Act Now

memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +152
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2022-22086 CRITICAL Act Now

Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009W Firmware Apq8017 Firmware Apq8053 Firmware +137
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2022-22085 HIGH This Week

Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware +153
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22084 HIGH This Week

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware +151
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22083 HIGH This Week

Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Qualcomm Buffer Overflow Information Disclosure Apq8009 Firmware +150
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22082 HIGH This Week

Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +150
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22072 HIGH PATCH This Week

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +55
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22065 HIGH PATCH This Week

Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Qualcomm Buffer Overflow Information Disclosure Apq8009 Firmware Apq8009W Firmware +165
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22064 HIGH PATCH This Week

Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Qualcomm Buffer Overflow Information Disclosure Apq8009 Firmware Apq8009W Firmware +160
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-30284 CRITICAL Act Now

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Information Disclosure Apq8009 Firmware Apq8009W Firmware +144
NVD
CVSS 3.1
9.1
EPSS
0.6%
EPSS 0% CVSS 8.8
HIGH This Month

Memory corruption while processing a GP command response. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8064au Firmware Csr8811 Firmware +93
NVD
EPSS 0% CVSS 7.1
HIGH This Month

Cryptographic issue while performing RSA PKCS padding decoding. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +285
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption while handling client exceptions, allowing unauthorized channel access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow 315 5g Iot Modem Firmware +151
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Memory corruption during concurrent access to server info object due to unprotected critical field. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow +78
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Sa9000p Firmware Sd626 Firmware +180
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 439 Mobile Platform Firmware Snapdragon 625 Mobile Platform Firmware +67
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Memory Corruption Buffer Overflow +98
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +321
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing GPU page table switch. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8835 Firmware Wsa8830 Firmware +201
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing voice packet with arbitrary data received from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +261
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +243
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware 9206 Lte Firmware +280
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing ESP IE from beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware +317
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +220
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +339
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while performing finish HMAC operation when context is freed by keymaster. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +309
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +169
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when there is failed unmap operation in GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +225
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +348
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Audio when memory map command is executed consecutively in ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware +227
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +120
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +120
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware +258
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +291
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +235
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +363
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +280
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +274
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware +306
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in SPS Application while exporting public key in sorter TA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +272
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Audio while processing the VOC packet data from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +257
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware +162
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Information disclosure in IOE Firmware while handling WMI command. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Aqt1000 Firmware +228
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while invoking callback function of AFE from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +141
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Apq8064au Firmware +84
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware +235
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Graphics while processing user packets for command submission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +163
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass 9206 Lte Firmware Apq8017 Firmware +80
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass 9206 Lte Firmware Apq8017 Firmware +80
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while handling command streams through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 9205 Lte Firmware Apq8017 Firmware +290
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Aqt1000 Firmware +246
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN while running doDriverCmd for an unspecific command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8096Au Firmware Aqt1000 Firmware +63
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information disclosure in Network Services due to buffer over-read while the device receives DNS response. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apq8009 Firmware +45
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Firmware Apq8064au Firmware +181
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware +196
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5G Firmware Apq8017 Firmware +205
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memoru corruption in Audio when ADSP sends input during record use case. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Csra6620 Firmware Csra6640 Firmware +124
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +281
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Buffer Overflow Wcn3998 Firmware Qca6390 Firmware +163
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Graphics while importing a file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +218
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware +283
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sm7250p Firmware Qcs6125 Firmware Sd855 Firmware +196
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware +203
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Qualcomm Buffer Overflow +145
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware +233
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Qualcomm Use After Free Buffer Overflow +190
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qualcomm Buffer Overflow Apq8009 Firmware +200
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Denial of service due to null pointer dereference when GATT is disconnected in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Qualcomm Denial Of Service +62
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +276
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +273
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Buffer Overflow Apq8009 Firmware +184
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Apq8009 Firmware +141
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware +180
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption +150
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Apq8009 Firmware +109
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption +81
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Apq8096Au Firmware +151
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware +149
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Qualcomm Denial Of Service +127
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Denial of service in video due to buffer over read while parsing MP4 clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Denial Of Service +142
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Qualcomm Buffer Overflow +21
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +51
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +154
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption in video driver due to double free while parsing ASF clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware +145
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware +153
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware +144
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Qualcomm Buffer Overflow +112
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow +145
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +199
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +52
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware +154
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009W Firmware +139
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow +155
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow +153
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Qualcomm Buffer Overflow +152
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware +152
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Buffer Overflow Apq8009 Firmware +57
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Qualcomm Buffer Overflow Information Disclosure +167
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Qualcomm Buffer Overflow Information Disclosure +162
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Information Disclosure +146
NVD
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy