Skip to main content

Qcn9274 Firmware

160 CVEs product

Monthly

CVE-2024-33015 HIGH PATCH This Week

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +188
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33014 HIGH PATCH This Week

Transient DOS while parsing ESP IE from beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +315
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33013 HIGH PATCH This Week

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +165
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33012 HIGH PATCH This Week

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +243
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33011 HIGH This Week

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +243
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33010 HIGH PATCH This Week

Transient DOS while parsing fragments of MBSSID IE from beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Ar8035 Firmware Ar9380 Firmware +244
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-21467 HIGH This Week

Information disclosure while handling beacon probe frame during scan entry generation in client side. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Wsa8835 Firmware Wsa8830 Firmware Wsa8815 Firmware +126
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-21459 HIGH This Week

Information disclosure while handling beacon or probe response frame in STA. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Snapdragon W5 Gen 1 Wearable Platform Firmware Snapdragon 870 5G Mobile Platform Sm8250 Ac Firmware Snapdragon 865 5G Mobile Platform Sm8250 Ab Firmware +172
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23368 HIGH PATCH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +337
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21482 HIGH PATCH This Week

Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Csr8811 Firmware Immersive Home 214 Platform Firmware Immersive Home 216 Platform Firmware Immersive Home 316 Platform Firmware +65
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21466 HIGH PATCH This Week

Information disclosure while parsing sub-IE length during new IE generation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Fastconnect 7800 Firmware Immersive Home 3210 Platform Firmware Immersive Home 326 Platform Firmware +61
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-21462 MEDIUM This Month

Transient DOS while loading the TA ELF file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +305
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-21458 HIGH PATCH This Week

Information disclosure while handling SA query action frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware Csr8811 Firmware Fastconnect 7800 Firmware +108
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-21457 HIGH PATCH This Week

INformation disclosure while handling Multi-link IE in beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware Csr8811 Firmware Fastconnect 7800 Firmware +108
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-23363 HIGH This Week

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +120
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-21477 HIGH This Week

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Csr8811 Firmware Fastconnect 6200 Firmware +178
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-21473 CRITICAL Act Now

Memory corruption while redirecting log file to any file location with any file name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Fastconnect 6900 Firmware +123
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-43511 HIGH This Week

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8064au Firmware +346
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33116 HIGH This Week

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Fastconnect 6900 Firmware +98
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33109 HIGH This Week

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware +301
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33062 HIGH This Week

Transient DOS in WLAN Firmware while parsing a BTM request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +280
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33032 CRITICAL Act Now

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +114
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2023-33098 HIGH This Week

Transient DOS while parsing WPA IES, when it is passed with length more than expected size. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +253
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33097 HIGH This Week

Transient DOS in WLAN Firmware while processing a FTMR frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +117
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33089 HIGH This Week

Transient DOS when processing a NULL buffer while parsing WLAN vdev. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware +220
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33088 HIGH This Week

Memory corruption when processing cmd parameters while parsing vdev. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware +298
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33083 CRITICAL Act Now

Memory corruption in WLAN Host while processing RRM beacon on the AP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn685X 5 Firmware +111
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-33082 CRITICAL Act Now

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn685X 5 Firmware +111
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-33081 HIGH This Week

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Csr8811 Firmware Wcn3991 Firmware +144
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33080 HIGH This Week

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8064au Firmware +361
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33053 HIGH PATCH This Week

Memory corruption in Kernel while parsing metadata. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csr8811 Firmware Wcn6750 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +113
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33041 HIGH This Week

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ar8035 Firmware Csr8811 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +122
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-28586 MEDIUM This Month

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware +304
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-28585 HIGH This Week

Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +271
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2023-33061 HIGH This Week

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +110
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-33056 HIGH This Week

Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Ar8035 Firmware Csr8811 Firmware Wcn685X 5 Firmware +112
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-33048 HIGH This Week

Transient DOS in WLAN Firmware while parsing t2lm buffers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +110
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-33047 HIGH This Week

Transient DOS in WLAN Firmware while parsing no-inherit IES. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +173
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-33045 CRITICAL Act Now

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Qca6390 Firmware Wcn685X 5 Firmware +124
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-28553 MEDIUM PATCH This Month

Information Disclosure in WLAN Host when processing WMI event command. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware +139
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-24852 HIGH This Week

Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware +262
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33028 CRITICAL Act Now

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware +172
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-33027 HIGH This Week

Transient DOS in WLAN Firmware while parsing rsn ies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +323
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33026 HIGH This Week

Transient DOS in WLAN Firmware while parsing a NAN management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +190
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28539 HIGH PATCH This Week

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Csrb31024 Firmware +153
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33016 HIGH This Week

Transient DOS in WLAN firmware while parsing MLO (multi-link operation). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Csr8811 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Immersive Home 214 Firmware +62
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28573 HIGH This Week

Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +191
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28567 HIGH This Week

Memory corruption in WLAN HAL while handling command through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +281
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28557 HIGH This Week

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +269
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28549 HIGH This Week

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28548 HIGH PATCH This Week

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware +175
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21664 HIGH This Week

Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fsm10056 Firmware Ipq5010 Firmware +133
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21662 HIGH This Week

Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fsm10056 Firmware Ipq5010 Firmware +132
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28541 HIGH PATCH This Week

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware Ar9380 Firmware C V2x 9150 Firmware +194
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24854 HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Stack Overflow Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +155
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24851 HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI response message from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Csra6620 Firmware Csra6640 Firmware +182
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22386 HIGH PATCH This Week

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Csra6620 Firmware Csra6640 Firmware +192
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21661 HIGH This Week

Transient DOS while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +111
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21660 HIGH This Week

Transient DOS in WLAN Firmware while parsing FT Information Elements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Csr8811 Firmware Wcn6750 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +75
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21659 HIGH This Week

Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +266
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21658 HIGH This Week

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +147
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-33238 HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8064au Firmware +281
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-33235 HIGH This Week

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8096Au Firmware +244
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25677 HIGH PATCH This Week

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Qualcomm Buffer Overflow Use After Free Memory Corruption +143
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-33239 HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8096Au Firmware +231
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-33237 HIGH This Week

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Aqt1000 Firmware Ar8031 Firmware +236
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-33236 HIGH This Week

Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Ar8035 Firmware Csr8811 Firmware +76
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25749 HIGH This Week

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +274
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25748 CRITICAL Act Now

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +271
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-25736 HIGH This Week

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Denial Of Service Buffer Overflow Aqt1000 Firmware +242
NVD
CVSS 3.1
7.5
EPSS
0.7%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +190
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing ESP IE from beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware +317
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +167
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +245
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +245
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing fragments of MBSSID IE from beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +246
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information disclosure while handling beacon probe frame during scan entry generation in client side. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Wsa8835 Firmware +128
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information disclosure while handling beacon or probe response frame in STA. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Snapdragon W5 Gen 1 Wearable Platform Firmware +174
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +339
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Csr8811 Firmware Immersive Home 214 Platform Firmware +67
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Information disclosure while parsing sub-IE length during new IE generation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Fastconnect 7800 Firmware +63
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Transient DOS while loading the TA ELF file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +307
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Information disclosure while handling SA query action frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +110
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

INformation disclosure while handling Multi-link IE in beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +110
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +122
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +180
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Memory corruption while redirecting log file to any file location with any file name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +125
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +348
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +100
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware +303
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing a BTM request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +282
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 9205 Lte Modem Firmware +116
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing WPA IES, when it is passed with length more than expected size. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +255
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while processing a FTMR frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +119
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS when processing a NULL buffer while parsing WLAN vdev. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware +222
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when processing cmd parameters while parsing vdev. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Null Pointer Dereference +300
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Memory corruption in WLAN Host while processing RRM beacon on the AP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +113
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +113
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +146
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +363
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Kernel while parsing metadata. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csr8811 Firmware Wcn6750 Firmware +115
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ar8035 Firmware Csr8811 Firmware +124
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware +306
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +273
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +112
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Ar8035 Firmware +114
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing t2lm buffers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +112
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing no-inherit IES. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +175
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +126
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Information Disclosure in WLAN Host when processing WMI event command. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +141
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware +264
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Ar8035 Firmware +174
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing rsn ies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +325
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing a NAN management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +192
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +155
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN firmware while parsing MLO (multi-link operation). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Csr8811 Firmware Fastconnect 6900 Firmware +64
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware Aqt1000 Firmware +193
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while handling command through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +283
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +271
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +218
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +177
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +135
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +134
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware +196
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Stack Overflow Buffer Overflow Ar8035 Firmware +157
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI response message from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +184
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +194
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +113
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing FT Information Elements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Csr8811 Firmware Wcn6750 Firmware +77
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +268
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +149
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware +283
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +246
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Qualcomm Buffer Overflow +145
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware +233
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +238
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +78
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +276
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +273
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Denial Of Service +244
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy