Skip to main content

Qcs5430 Firmware

190 CVEs product

Monthly

CVE-2024-49834 HIGH PATCH This Month

Memory corruption while power-up or power-down sequence of the camera sensor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +118
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45573 HIGH This Month

Memory corruption may occour while generating test pattern due to negative indexing of display ID. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +21
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45571 HIGH PATCH This Month

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free Ar8035 Firmware Csr8811 Firmware +148
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45569 CRITICAL PATCH This Week

Memory corruption while parsing the ML IE due to invalid frame content. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +169
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-45560 HIGH This Month

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +33
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38420 HIGH This Month

Memory corruption while configuring a Hypervisor based input virtual device. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +153
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2024-45558 HIGH PATCH This Month

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +178
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-45542 HIGH This Month

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +48
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45541 HIGH This Month

Memory corruption when IOCTL call is invoked from user-space to read board data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +47
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-43050 HIGH This Week

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +51
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33056 HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +319
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33044 HIGH This Week

Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Csrb31024 Firmware +204
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38422 HIGH PATCH This Week

Memory corruption while processing voice packet with arbitrary data received from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +259
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38419 HIGH PATCH This Week

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Wsa8845h Firmware Wsa8845 Firmware +144
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38415 HIGH PATCH This Week

Memory corruption while handling session errors from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Wsa8845h Firmware Wsa8845 Firmware +170
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38410 HIGH PATCH This Week

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Stack Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +22
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38409 HIGH PATCH This Week

Memory corruption while station LL statistic handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +21
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38408 CRITICAL PATCH Act Now

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +225
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-38407 HIGH PATCH This Week

Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. Rated high severity (CVSS 7.0).

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +40
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-38406 HIGH PATCH This Week

Memory corruption while handling IOCTL calls in JPEG Encoder driver. Rated high severity (CVSS 7.0).

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +40
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-38405 MEDIUM PATCH This Month

Transient DOS while processing the CU information from RNR IE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +94
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-38397 HIGH This Week

Transient DOS while parsing probe response and assoc response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8 Gen 2 Mobile Platform Firmware Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +111
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33073 HIGH This Week

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +155
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-33065 HIGH This Week

Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Ac Firmware Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Af Firmware Snapdragon 8Cx Compute Platform Sc8180Xp Ac Firmware Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180Xp Aa Firmware +41
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-23369 HIGH This Week

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 888 5G Mobile Platform Sm8350 Ac Firmware Snapdragon 865 5G Mobile Platform Sm8250 Ab Firmware Wsa8845h Firmware Wsa8845 Firmware +114
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38402 HIGH PATCH This Week

Memory corruption while processing IOCTL call for getting group info. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Ar8035 Firmware Csra6620 Firmware +161
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33060 HIGH PATCH This Week

Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Firmware Aqt1000 Firmware +241
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33057 HIGH PATCH This Week

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +166
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33054 HIGH PATCH This Week

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qcm5430 Firmware +28
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33052 HIGH PATCH This Week

Memory corruption when user provides data for FM HCI command control operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +193
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33051 HIGH This Week

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware 9206 Lte Firmware Apq8017 Firmware Aqt1000 Firmware +278
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33050 HIGH PATCH This Week

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Csra6620 Firmware +248
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33048 HIGH PATCH This Week

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +183
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33047 HIGH This Week

Memory corruption when the captureRead QDCM command is invoked from user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qcm5430 Firmware +20
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33045 HIGH PATCH This Week

Memory corruption when BTFM client sends new messages over Slimbus to ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +171
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33043 MEDIUM PATCH This Month

Transient DOS while handling PS event when Program Service name length offset value is set to 255. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +193
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-33042 HIGH PATCH This Week

Memory corruption when Alternative Frequency offset value is set to 255. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +192
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33038 HIGH PATCH This Week

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qcm4490 Firmware +39
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33016 MEDIUM This Month

memory corruption when an invalid firehose patch command is invoked. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qcn9000 Firmware Qcn9011 Firmware Qcn9012 Firmware Qcn9013 Firmware +327
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2024-23364 HIGH This Week

Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +173
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23362 HIGH This Week

Cryptographic issue while parsing RSA keys in COBR format. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +226
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-23359 HIGH This Week

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Qcn9024 Firmware Qcs4490 Firmware Qcs5430 Firmware +156
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-33034 HIGH PATCH This Week

Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Fastconnect 6200 Firmware Fastconnect 6700 Firmware +100
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33028 HIGH PATCH This Week

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Ar8035 Firmware Csra6620 Firmware +134
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33026 HIGH PATCH This Week

Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +160
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33024 HIGH PATCH This Week

Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware +176
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33023 HIGH PATCH This Week

Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Ar8035 Firmware Csra6620 Firmware +149
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33021 HIGH PATCH This Week

Memory corruption while processing IOCTL call to set metainfo. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +132
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33020 HIGH PATCH This Week

Transient DOS while processing TID-to-link mapping IE elements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +92
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33019 HIGH PATCH This Week

Transient DOS while parsing the received TID-to-link mapping action frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +144
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33018 HIGH PATCH This Week

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +146
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33015 HIGH PATCH This Week

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +188
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33014 HIGH PATCH This Week

Transient DOS while parsing ESP IE from beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +315
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33013 HIGH PATCH This Week

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +165
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33012 HIGH PATCH This Week

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +243
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33011 HIGH This Week

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +243
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33010 HIGH PATCH This Week

Transient DOS while parsing fragments of MBSSID IE from beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Ar8035 Firmware Ar9380 Firmware +244
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23384 HIGH PATCH This Week

Memory corruption when the mapped pages in VBO are still mapped after reclaiming by shrinker. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Wsa8845h Firmware Wsa8845 Firmware +100
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-23383 HIGH PATCH This Week

Memory corruption when kernel driver attempts to trigger hardware fences. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Wsa8845h Firmware Wsa8845 Firmware +69
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23382 HIGH This Week

Memory corruption while processing graphics kernel driver request to create DMA fence. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Buffer Overflow Memory Corruption Fastconnect 6200 Firmware Fastconnect 6700 Firmware +100
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23381 HIGH This Week

Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Buffer Overflow Memory Corruption Wsa8845h Firmware Wsa8845 Firmware +70
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23357 MEDIUM This Month

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Sm7250p Firmware Qcm8550 Firmware Qcs8250 Firmware Qcs6125 Firmware +233
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-23356 HIGH This Week

Memory corruption during session sign renewal request calls in HLOS. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +204
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23355 HIGH This Week

Memory corruption when keymaster operation imports a shared key. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +137
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23353 HIGH This Week

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +243
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23352 HIGH This Week

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Snapdragon 855 860 Mobile Platform Sm8150 Ac Firmware Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +99
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-21481 HIGH This Week

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +161
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-23380 HIGH PATCH This Week

Memory corruption while handling user packets during VBO bind operation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Fastconnect 6200 Firmware Fastconnect 6700 Firmware +102
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-23373 HIGH PATCH This Week

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware Aqt1000 Firmware +218
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23372 HIGH PATCH This Week

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +106
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23368 HIGH PATCH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +337
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21469 HIGH This Week

Memory corruption when an invoke call and a TEE call are bound for the same trusted application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +219
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21465 HIGH This Week

Memory corruption while processing key blob passed by the user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +253
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21462 MEDIUM This Month

Transient DOS while loading the TA ELF file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +305
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-21461 HIGH This Week

Memory corruption while performing finish HMAC operation when context is freed by keymaster. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Apq8017 Firmware Apq8037 Firmware +307
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23351 HIGH PATCH This Week

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Buffer Overflow Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +88
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21480 CRITICAL Act Now

Memory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +108
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-21475 HIGH PATCH This Week

Memory corruption when the payload received from firmware is not as per the expected protocol size. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware +226
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21471 HIGH PATCH This Week

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Ar8035 Firmware C V2x 9150 Firmware +167
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21468 HIGH PATCH This Week

Memory corruption when there is failed unmap operation in GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +223
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33107 HIGH KEV PATCH THREAT This Week

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware Apq8064au Firmware +233
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-33106 HIGH KEV PATCH THREAT This Week

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +144
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-33098 HIGH This Week

Transient DOS while parsing WPA IES, when it is passed with length more than expected size. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +253
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33092 HIGH PATCH This Week

Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +86
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33089 HIGH This Week

Transient DOS when processing a NULL buffer while parsing WLAN vdev. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware +220
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33088 HIGH This Week

Memory corruption when processing cmd parameters while parsing vdev. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware +298
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33087 HIGH PATCH This Week

Memory corruption in Core while processing RX intent request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware +113
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33079 HIGH PATCH This Week

Memory corruption in Audio while running invalid audio recording from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +140
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33063 HIGH KEV PATCH THREAT This Week

Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware Apq8017 Firmware +278
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-33054 CRITICAL Act Now

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Authentication Bypass 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware +164
NVD
CVSS 3.1
9.1
EPSS
0.4%
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption while power-up or power-down sequence of the camera sensor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware +120
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption may occour while generating test pattern due to negative indexing of display ID. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 6700 Firmware +23
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free +150
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH This Week

Memory corruption while parsing the ML IE due to invalid frame content. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +171
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +35
NVD
EPSS 0% CVSS 8.8
HIGH This Month

Memory corruption while configuring a Hypervisor based input virtual device. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +155
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +180
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Aqt1000 Firmware +50
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption when IOCTL call is invoked from user-space to read board data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +49
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Aqt1000 Firmware +53
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +321
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +206
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing voice packet with arbitrary data received from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +261
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +146
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while handling session errors from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +172
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Stack Overflow Wsa8845h Firmware +24
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while station LL statistic handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +23
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wsa8845h Firmware Wsa8845 Firmware +227
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. Rated high severity (CVSS 7.0).

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +42
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Memory corruption while handling IOCTL calls in JPEG Encoder driver. Rated high severity (CVSS 7.0).

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +42
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Transient DOS while processing the CU information from RNR IE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +96
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing probe response and assoc response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8 Gen 2 Mobile Platform Firmware Wsa8845h Firmware +113
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Wsa8845h Firmware +157
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Ac Firmware Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Af Firmware +43
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 888 5G Mobile Platform Sm8350 Ac Firmware Snapdragon 865 5G Mobile Platform Sm8250 Ab Firmware +116
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing IOCTL call for getting group info. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +163
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +243
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +168
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware +30
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when user provides data for FM HCI command control operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware +195
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware 9206 Lte Firmware +280
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +250
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +185
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when the captureRead QDCM command is invoked from user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware +22
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when BTFM client sends new messages over Slimbus to ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +173
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Transient DOS while handling PS event when Program Service name length offset value is set to 255. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware +195
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when Alternative Frequency offset value is set to 255. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware +194
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware +41
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

memory corruption when an invalid firehose patch command is invoked. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qcn9000 Firmware Qcn9011 Firmware +329
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware +175
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Cryptographic issue while parsing RSA keys in COBR format. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure 9205 Lte Modem Firmware Aqt1000 Firmware +228
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Qcn9024 Firmware +158
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +102
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +136
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +162
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Ar8035 Firmware +178
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +151
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing IOCTL call to set metainfo. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +134
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while processing TID-to-link mapping IE elements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Fastconnect 6700 Firmware +94
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the received TID-to-link mapping action frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +146
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +148
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +190
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing ESP IE from beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware +317
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +167
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +245
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +245
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing fragments of MBSSID IE from beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +246
NVD
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Memory corruption when the mapped pages in VBO are still mapped after reclaiming by shrinker. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +102
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when kernel driver attempts to trigger hardware fences. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +71
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while processing graphics kernel driver request to create DMA fence. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Buffer Overflow Memory Corruption +102
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Buffer Overflow Memory Corruption +72
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Sm7250p Firmware Qcm8550 Firmware +235
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption during session sign renewal request calls in HLOS. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +206
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when keymaster operation imports a shared key. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +139
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +245
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Snapdragon 855 860 Mobile Platform Sm8150 Ac Firmware Wsa8845h Firmware +101
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware +163
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while handling user packets during VBO bind operation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +104
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +220
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Fastconnect 6200 Firmware +108
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +339
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when an invoke call and a TEE call are bound for the same trusted application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow 9205 Lte Modem Firmware +221
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while processing key blob passed by the user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 9205 Lte Modem Firmware Aqt1000 Firmware +255
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Transient DOS while loading the TA ELF file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +307
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while performing finish HMAC operation when context is freed by keymaster. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +309
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Buffer Overflow Fastconnect 6200 Firmware +90
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware +110
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when the payload received from firmware is not as per the expected protocol size. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware +228
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +169
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when there is failed unmap operation in GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +225
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +235
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Ar8035 Firmware +146
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing WPA IES, when it is passed with length more than expected size. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +255
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +88
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS when processing a NULL buffer while parsing WLAN vdev. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware +222
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when processing cmd parameters while parsing vdev. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Null Pointer Dereference +300
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Core while processing RX intent request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +115
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Audio while running invalid audio recording from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Ar8035 Firmware +142
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +280
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Authentication Bypass 315 5g Iot Modem Firmware +166
NVD
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy