Skip to main content

Qrb5165n Firmware

197 CVEs product

Monthly

CVE-2023-43514 HIGH PATCH This Week

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware +79
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2023-43511 HIGH This Week

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8064au Firmware +346
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33120 HIGH This Week

Memory corruption in Audio when memory map command is executed consecutively in ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware Qcm8550 Firmware Qcs8250 Firmware +225
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33118 HIGH PATCH This Week

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow Ar8035 Firmware Csra6620 Firmware +128
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33117 HIGH PATCH This Week

Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow Ar8035 Firmware Csra6620 Firmware +134
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33116 HIGH This Week

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Fastconnect 6900 Firmware +98
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33114 HIGH PATCH This Week

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +109
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2023-33113 HIGH This Week

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +118
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2023-33112 HIGH This Week

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +118
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33109 HIGH This Week

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware +301
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33094 HIGH This Week

Memory corruption while running VK synchronization with KASAN enabled. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Buffer Overflow Ar8035 Firmware Csra6620 Firmware +118
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2023-33085 HIGH PATCH This Week

Memory corruption in wearables while processing data from AON. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +98
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33062 HIGH This Week

Transient DOS in WLAN Firmware while parsing a BTM request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +280
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33033 HIGH This Week

Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware +256
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2023-33030 CRITICAL Act Now

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +289
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2023-33107 HIGH KEV PATCH THREAT This Week

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware Apq8064au Firmware +233
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-33106 HIGH KEV PATCH THREAT This Week

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +144
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-33098 HIGH This Week

Transient DOS while parsing WPA IES, when it is passed with length more than expected size. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +253
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33089 HIGH This Week

Transient DOS when processing a NULL buffer while parsing WLAN vdev. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware +220
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33088 HIGH This Week

Memory corruption when processing cmd parameters while parsing vdev. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware +298
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33087 HIGH PATCH This Week

Memory corruption in Core while processing RX intent request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware +113
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33083 CRITICAL Act Now

Memory corruption in WLAN Host while processing RRM beacon on the AP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn685X 5 Firmware +111
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-33082 CRITICAL Act Now

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn685X 5 Firmware +111
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-33080 HIGH This Week

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8064au Firmware +361
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33079 HIGH PATCH This Week

Memory corruption in Audio while running invalid audio recording from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +140
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33063 HIGH KEV PATCH THREAT This Week

Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware Apq8017 Firmware +278
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-33041 HIGH This Week

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ar8035 Firmware Csr8811 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +122
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33022 HIGH This Week

Memory corruption in HLOS while invoking IOCTL calls from user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Csra6620 Firmware +207
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33017 HIGH This Week

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +272
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28588 HIGH PATCH This Week

Transient DOS in Bluetooth Host while rfc slot allocation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware +205
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-28586 MEDIUM This Month

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware +304
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-28585 HIGH This Week

Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +271
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2023-28546 HIGH This Week

Memory Corruption in SPS Application while exporting public key in sorter TA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Apq8017 Firmware Apq8037 Firmware +270
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33059 HIGH PATCH This Week

Memory corruption in Audio while processing the VOC packet data from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware +255
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33055 HIGH PATCH This Week

Memory Corruption in Audio while invoking callback function in driver from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +147
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33031 HIGH PATCH This Week

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +160
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28556 HIGH This Week

Cryptographic issue in HLOS during key management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28545 HIGH This Week

Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +194
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24852 HIGH This Week

Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware +262
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33035 HIGH PATCH This Week

Memory corruption while invoking callback function of AFE from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware +139
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33034 HIGH PATCH This Week

Memory corruption while parsing the ADSP response command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware Wcn3998 Firmware +60
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33029 HIGH PATCH This Week

Memory corruption in DSP Service during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Ar8035 Firmware Csra6620 Firmware +129
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33027 HIGH This Week

Transient DOS in WLAN Firmware while parsing rsn ies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +323
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33026 HIGH This Week

Transient DOS in WLAN Firmware while parsing a NAN management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +190
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28539 HIGH PATCH This Week

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Csrb31024 Firmware +153
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21673 HIGH This Week

Improper Access to the VM resource manager can lead to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware +158
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33021 HIGH PATCH This Week

Memory corruption in Graphics while processing user packets for command submission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Apq8064au Firmware Aqt1000 Firmware +161
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33015 HIGH This Week

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5G Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +186
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28573 HIGH This Week

Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +191
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28567 HIGH This Week

Memory corruption in WLAN HAL while handling command through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +281
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28557 HIGH This Week

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +269
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28549 HIGH This Week

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28548 HIGH PATCH This Week

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware +175
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28538 HIGH This Week

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Aqt1000 Firmware Csra6620 Firmware Csra6640 Firmware +127
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21664 HIGH This Week

Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fsm10056 Firmware Ipq5010 Firmware +133
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21662 HIGH This Week

Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fsm10056 Firmware Ipq5010 Firmware +132
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28537 HIGH This Week

Memory corruption while allocating memory in COmxApeDec module in Audio. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware Aqt1000 Firmware +180
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22666 HIGH This Week

Memory Corruption in Audio while playing amrwbplus clips with modified content. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apq8009 Firmware Apq8017 Firmware Apq8096Au Firmware +169
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21651 HIGH This Week

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware Csra6620 Firmware +136
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28542 HIGH PATCH This Week

Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +179
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28541 HIGH PATCH This Week

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware Ar9380 Firmware C V2x 9150 Firmware +194
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24854 HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Stack Overflow Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +155
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24851 HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI response message from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Csra6620 Firmware Csra6640 Firmware +182
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22667 HIGH This Week

Memory Corruption in Audio while allocating the ion buffer during the music playback. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Firmware Apq8017 Firmware Aqt1000 Firmware +197
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22387 HIGH PATCH This Week

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow 315 5g Iot Firmware Apq8017 Firmware Aqt1000 Firmware +263
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22386 HIGH PATCH This Week

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Csra6620 Firmware Csra6640 Firmware +192
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21670 HIGH PATCH This Week

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware +179
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21669 HIGH PATCH This Week

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Aqt1000 Firmware Wcn3991 Firmware Wcn3998 Firmware +58
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21659 HIGH This Week

Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +266
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21657 HIGH PATCH This Week

Memoru corruption in Audio when ADSP sends input during record use case. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware Wcn3998 Firmware +122
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21666 HIGH PATCH This Week

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Buffer Overflow Wcn3998 Firmware Qca6390 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +161
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-21665 HIGH PATCH This Week

Memory corruption in Graphics while importing a file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8052 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33268 HIGH PATCH This Week

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +93
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2022-33238 HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8064au Firmware +281
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-33235 HIGH This Week

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8096Au Firmware +244
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25681 HIGH This Week

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Qam8295p Firmware +95
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-33239 HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8096Au Firmware +231
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-33237 HIGH This Week

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Aqt1000 Firmware Ar8031 Firmware +236
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25741 HIGH PATCH This Week

Denial of service in WLAN due to potential null pointer dereference while accessing the memory location in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Qualcomm Denial Of Service Aqt1000 Firmware Ar8035 Firmware +123
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25724 HIGH PATCH This Week

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +198
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25749 HIGH This Week

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +274
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25748 CRITICAL Act Now

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +271
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-25736 HIGH This Week

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Denial Of Service Buffer Overflow Aqt1000 Firmware +242
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-25720 CRITICAL PATCH Act Now

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +182
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-25661 HIGH This Week

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Qam8295p Firmware +95
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25690 HIGH This Week

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Apq8096Au Firmware Aqt1000 Firmware Ar8031 Firmware +149
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25670 HIGH PATCH This Week

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Qualcomm Denial Of Service Buffer Overflow Apq8009 Firmware +125
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-22095 HIGH PATCH This Week

Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Buffer Overflow Qualcomm Use After Free Apq8053 Firmware +48
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-22094 HIGH This Week

memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile. Rated high severity (CVSS 7.0). No vendor patch available.

Qualcomm Buffer Overflow Aqt1000 Firmware Qca6390 Firmware Qca6391 Firmware +53
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-22093 HIGH This Week

Memory corruption or temporary denial of service due to improper handling of concurrent hypervisor operations to attach or detach IRQs from virtual interrupt sources in Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.0). No vendor patch available.

Qualcomm Denial Of Service Buffer Overflow Aqt1000 Firmware Qca6390 Firmware +54
NVD
CVSS 3.1
7.0
EPSS
0.1%
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow +81
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +348
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Audio when memory map command is executed consecutively in ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware +227
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow +130
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow +136
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +100
NVD
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow +111
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +120
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +120
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware +303
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption while running VK synchronization with KASAN enabled. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Buffer Overflow +120
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in wearables while processing data from AON. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware +100
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing a BTM request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +282
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware +258
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +291
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +235
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Ar8035 Firmware +146
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing WPA IES, when it is passed with length more than expected size. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +255
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS when processing a NULL buffer while parsing WLAN vdev. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware +222
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when processing cmd parameters while parsing vdev. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Null Pointer Dereference +300
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Core while processing RX intent request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +115
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Memory corruption in WLAN Host while processing RRM beacon on the AP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +113
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +113
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +363
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Audio while running invalid audio recording from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Ar8035 Firmware +142
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +280
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ar8035 Firmware Csr8811 Firmware +124
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in HLOS while invoking IOCTL calls from user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +209
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +274
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Transient DOS in Bluetooth Host while rfc slot allocation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Apq8017 Firmware +207
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware +306
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +273
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in SPS Application while exporting public key in sorter TA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +272
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Audio while processing the VOC packet data from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +257
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Audio while invoking callback function in driver from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +149
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware +162
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Cryptographic issue in HLOS during key management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +218
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +196
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware +264
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while invoking callback function of AFE from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +141
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while parsing the ADSP response command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware +62
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in DSP Service during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +131
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing rsn ies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +325
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing a NAN management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +192
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +155
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper Access to the VM resource manager can lead to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass Aqt1000 Firmware +160
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Graphics while processing user packets for command submission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +163
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5G Firmware Aqt1000 Firmware +188
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware Aqt1000 Firmware +193
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while handling command through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +283
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +271
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +218
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +177
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Aqt1000 Firmware +129
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +135
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +134
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while allocating memory in COmxApeDec module in Audio. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +182
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Audio while playing amrwbplus clips with modified content. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apq8009 Firmware +171
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware +138
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Firmware Apq8064au Firmware +181
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware +196
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Stack Overflow Buffer Overflow Ar8035 Firmware +157
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI response message from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +184
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Audio while allocating the ion buffer during the music playback. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Firmware +199
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow 315 5g Iot Firmware +265
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +194
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware +181
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Aqt1000 Firmware +60
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +268
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memoru corruption in Audio when ADSP sends input during record use case. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Csra6620 Firmware Csra6640 Firmware +124
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Buffer Overflow Wcn3998 Firmware Qca6390 Firmware +163
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Graphics while importing a file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +218
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Qualcomm Buffer Overflow +95
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware +283
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +246
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Aqt1000 Firmware +97
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware +233
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +238
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in WLAN due to potential null pointer dereference while accessing the memory location in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Qualcomm Denial Of Service +125
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qualcomm Buffer Overflow Apq8009 Firmware +200
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +276
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +273
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Denial Of Service +244
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Buffer Overflow Apq8009 Firmware +184
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Aqt1000 Firmware +97
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Apq8096Au Firmware +151
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Qualcomm Denial Of Service +127
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Buffer Overflow Qualcomm +50
NVD
EPSS 0% CVSS 7.0
HIGH This Week

memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile. Rated high severity (CVSS 7.0). No vendor patch available.

Qualcomm Buffer Overflow Aqt1000 Firmware +55
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Memory corruption or temporary denial of service due to improper handling of concurrent hypervisor operations to attach or detach IRQs from virtual interrupt sources in Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.0). No vendor patch available.

Qualcomm Denial Of Service Buffer Overflow +56
NVD
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy