Skip to main content

Sd865 5g Firmware

413 CVEs product

Monthly

CVE-2023-28570 HIGH This Week

Memory corruption while processing audio effects. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware +79
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28556 HIGH This Week

Cryptographic issue in HLOS during key management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28554 MEDIUM PATCH This Month

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Information Disclosure Aqt1000 Firmware Ar9380 Firmware +144
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-28553 MEDIUM PATCH This Month

Information Disclosure in WLAN Host when processing WMI event command. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware +139
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-28545 HIGH This Week

Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +194
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24852 HIGH This Week

Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware +262
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22388 CRITICAL Act Now

Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware +220
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-33035 HIGH PATCH This Week

Memory corruption while invoking callback function of AFE from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware +139
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33028 CRITICAL Act Now

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware +172
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-33027 HIGH This Week

Transient DOS in WLAN Firmware while parsing rsn ies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +323
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33026 HIGH This Week

Transient DOS in WLAN Firmware while parsing a NAN management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +190
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28571 MEDIUM PATCH This Month

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Apq8064au Firmware Csrb31024 Firmware Qca6390 Firmware +82
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-28540 HIGH This Week

Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Csra6620 Firmware +147
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-28539 HIGH PATCH This Week

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Csrb31024 Firmware +153
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24853 HIGH This Week

Memory Corruption in HLOS while registering for key provisioning notify. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +107
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24850 HIGH This Week

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8037 Firmware Aqt1000 Firmware Ar8035 Firmware +200
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24849 HIGH This Week

Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +233
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-24848 HIGH This Week

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +239
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-24847 HIGH This Week

Transient DOS in Modem while allocating DSM items. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware +252
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-24843 HIGH This Week

Transient DOS in Modem while triggering a camping on an 5G cell. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +61
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-22385 CRITICAL Act Now

Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +235
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-21673 HIGH This Week

Improper Access to the VM resource manager can lead to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware +158
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33021 HIGH PATCH This Week

Memory corruption in Graphics while processing user packets for command submission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Apq8064au Firmware Aqt1000 Firmware +161
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33015 HIGH This Week

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5G Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +186
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28581 CRITICAL Act Now

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6800 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qca6391 Firmware +21
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-28573 HIGH This Week

Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +191
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28567 HIGH This Week

Memory corruption in WLAN HAL while handling command through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +281
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28558 HIGH This Week

Memory corruption in WLAN handler while processing PhyID in Tx status handler. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +191
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28557 HIGH This Week

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +269
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28549 HIGH This Week

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28548 HIGH PATCH This Week

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware +175
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28538 HIGH This Week

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Aqt1000 Firmware Csra6620 Firmware Csra6640 Firmware +127
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21667 MEDIUM PATCH This Month

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Qca6390 Firmware Qca6391 Firmware Qca6426 Firmware Qca6436 Firmware +39
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-21664 HIGH This Week

Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fsm10056 Firmware Ipq5010 Firmware +133
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21662 HIGH This Week

Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fsm10056 Firmware Ipq5010 Firmware +132
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21654 HIGH PATCH This Week

Memory corruption in Audio during playback session with audio effects enabled. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Apq8096Au Firmware Aqt1000 Firmware Mdm9150 Firmware Mdm9628 Firmware +52
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21646 HIGH This Week

Transient DOS in Modem while processing invalid System Information Block 1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ar8035 Firmware Qca6390 Firmware Qca6391 Firmware Qca6574a Firmware +50
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-21644 HIGH This Week

Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Qca6390 Firmware Qca6391 Firmware Qca6420 Firmware +47
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21636 HIGH This Week

Memory Corruption due to improper validation of array index in Linux while updating adn record. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Qca6390 Firmware Qca6391 Firmware Qca6420 Firmware +47
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28577 HIGH PATCH This Week

In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Fastconnect 6800 Firmware Fastconnect 6900 Firmware +28
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28576 HIGH PATCH This Week

The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. Rated high severity (CVSS 7.0).

Buffer Overflow Fastconnect 6800 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qca6391 Firmware +26
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2023-28575 HIGH PATCH This Week

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Information Disclosure Aqt1000 Firmware C V2x 9150 Firmware Fastconnect 6200 Firmware +56
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28555 HIGH This Week

Transient DOS in Audio while remapping channel buffer in media codec decoding. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Wcn3991 Firmware Wcn3998 Firmware Wcn6750 Firmware +67
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28537 HIGH This Week

Memory corruption while allocating memory in COmxApeDec module in Audio. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware Aqt1000 Firmware +180
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22666 HIGH This Week

Memory Corruption in Audio while playing amrwbplus clips with modified content. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apq8009 Firmware Apq8017 Firmware Apq8096Au Firmware +169
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21652 HIGH This Week

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Aqt1000 Firmware Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +116
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2023-21651 HIGH This Week

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware Csra6620 Firmware +136
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21650 HIGH This Week

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Csrb31024 Firmware Qam8295p Firmware Qca6390 Firmware +47
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21649 HIGH PATCH This Week

Memory corruption in WLAN while running doDriverCmd for an unspecific command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8096Au Firmware Aqt1000 Firmware Mdm9628 Firmware Mdm9650 Firmware +61
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21647 MEDIUM PATCH This Month

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Qca6390 Firmware Qca6391 Firmware Qca6426 Firmware Qca6436 Firmware +39
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-21627 HIGH This Week

Memory corruption in Trusted Execution Environment while calling service API with invalid address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Qca6390 Firmware Qca6391 Firmware Qca6420 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21626 HIGH This Week

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Apq8009 Firmware Apq8017 Firmware Apq8037 Firmware Aqt1000 Firmware +181
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2023-28542 HIGH PATCH This Week

Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +179
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28541 HIGH PATCH This Week

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware Ar9380 Firmware C V2x 9150 Firmware +194
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24854 HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Stack Overflow Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +155
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24851 HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI response message from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Csra6620 Firmware Csra6640 Firmware +182
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22667 HIGH This Week

Memory Corruption in Audio while allocating the ion buffer during the music playback. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Firmware Apq8017 Firmware Aqt1000 Firmware +197
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22387 HIGH PATCH This Week

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow 315 5g Iot Firmware Apq8017 Firmware Aqt1000 Firmware +263
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22386 HIGH PATCH This Week

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Csra6620 Firmware Csra6640 Firmware +192
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21672 HIGH PATCH This Week

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Fastconnect 6700 Firmware Fastconnect 6900 Firmware +54
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21638 HIGH This Week

Memory corruption in Video while calling APIs with different instance ID than the one received in initialization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +31
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21637 HIGH This Week

Memory corruption in Linux while calling system configuration APIs. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +50
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21635 HIGH This Week

Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Csrb31024 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21633 HIGH This Week

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8064au Firmware Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware +92
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21631 CRITICAL Act Now

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 315 5G Firmware 9205 Firmware Apq8017 Firmware Apq8037 Firmware +151
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-21629 MEDIUM This Month

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5G Firmware Apq8017 Firmware Apq8037 Firmware Aqt1000 Firmware +203
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2023-21624 MEDIUM This Month

Information disclosure in DSP Services while loading dynamic module. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fastconnect 6700 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware Qam8255p Firmware +61
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21670 HIGH PATCH This Week

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware +179
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21669 HIGH PATCH This Week

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Aqt1000 Firmware Wcn3991 Firmware Wcn3998 Firmware +58
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21661 HIGH This Week

Transient DOS while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +111
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21659 HIGH This Week

Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +266
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21658 HIGH This Week

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +147
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21657 HIGH PATCH This Week

Memoru corruption in Audio when ADSP sends input during record use case. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Csra6620 Firmware Csra6640 Firmware Wcn3991 Firmware Wcn3998 Firmware +122
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21656 HIGH PATCH This Week

Memory corruption in WLAN HOST while receiving an WMI event from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Csrb31024 Firmware +124
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21666 HIGH PATCH This Week

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Buffer Overflow Wcn3998 Firmware Qca6390 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +161
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-21665 HIGH PATCH This Week

Memory corruption in Graphics while importing a file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8052 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-33268 HIGH PATCH This Week

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8017 Firmware +93
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2022-33238 HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8064au Firmware +281
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-33235 HIGH This Week

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow Apq8009 Firmware Apq8096Au Firmware +244
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25712 HIGH PATCH This Week

Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qualcomm Buffer Overflow Aqt1000 Firmware Mdm9150 Firmware Qca6310 Firmware +43
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25711 HIGH PATCH This Week

Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Buffer Overflow Aqt1000 Firmware Mdm9150 Firmware Qca6390 Firmware +55
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25702 HIGH This Week

Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8037 Firmware +76
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25695 HIGH This Week

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sm7250p Firmware Qcs6125 Firmware Sd855 Firmware Qcs610 Firmware Sd660 Firmware +194
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25692 HIGH This Week

Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Ar8035 Firmware Qca6390 Firmware Qca6391 Firmware +59
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25685 HIGH This Week

Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware +123
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-25682 HIGH This Week

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +201
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25681 HIGH This Week

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Qam8295p Firmware +95
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25677 HIGH PATCH This Week

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Qualcomm Buffer Overflow Use After Free Memory Corruption +143
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25675 MEDIUM This Month

Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Aqt1000 Firmware Qca6310 Firmware Qca6320 Firmware +46
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-33239 HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware Apq8017 Firmware Apq8096Au Firmware +231
NVD
CVSS 3.1
7.5
EPSS
0.4%
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while processing audio effects. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +81
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Cryptographic issue in HLOS during key management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +218
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Information Disclosure +146
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Information Disclosure in WLAN Host when processing WMI event command. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +141
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +196
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware +264
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware +222
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while invoking callback function of AFE from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +141
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Ar8035 Firmware +174
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing rsn ies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +325
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing a NAN management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +192
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Apq8064au Firmware +84
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass 315 5g Iot Modem Firmware Aqt1000 Firmware +149
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +155
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in HLOS while registering for key provisioning notify. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware +109
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8037 Firmware +202
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware +235
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware +241
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in Modem while allocating DSM items. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware +254
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in Modem while triggering a camping on an 5G cell. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware Ar8035 Firmware +63
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +237
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper Access to the VM resource manager can lead to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass Aqt1000 Firmware +160
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Graphics while processing user packets for command submission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +163
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5G Firmware Aqt1000 Firmware +188
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6800 Firmware Fastconnect 6900 Firmware +23
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware Aqt1000 Firmware +193
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while handling command through WMI interfaces. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +283
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN handler while processing PhyID in Tx status handler. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +193
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +271
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +218
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +177
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Aqt1000 Firmware +129
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Qca6390 Firmware Qca6391 Firmware +41
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +135
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Core Platform while printing the response buffer in log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +134
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Audio during playback session with audio effects enabled. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Apq8096Au Firmware Aqt1000 Firmware +54
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in Modem while processing invalid System Information Block 1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ar8035 Firmware Qca6390 Firmware +52
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Qca6390 Firmware +49
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption due to improper validation of array index in Linux while updating adn record. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Qca6390 Firmware +49
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +30
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. Rated high severity (CVSS 7.0).

Buffer Overflow Fastconnect 6800 Firmware Fastconnect 6900 Firmware +28
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Information Disclosure Aqt1000 Firmware +58
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in Audio while remapping channel buffer in media codec decoding. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Wcn3991 Firmware +69
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while allocating memory in COmxApeDec module in Audio. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +182
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Audio while playing amrwbplus clips with modified content. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apq8009 Firmware +171
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Aqt1000 Firmware Ar8035 Firmware +118
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware +138
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Csrb31024 Firmware +49
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN while running doDriverCmd for an unspecific command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8096Au Firmware Aqt1000 Firmware +63
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Qca6390 Firmware Qca6391 Firmware +41
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Trusted Execution Environment while calling service API with invalid address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Qca6390 Firmware +46
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Apq8009 Firmware Apq8017 Firmware +183
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Firmware Apq8064au Firmware +181
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware +196
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Stack Overflow Buffer Overflow Ar8035 Firmware +157
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while parsing QMI response message from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +184
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Audio while allocating the ion buffer during the music playback. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Firmware +199
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow 315 5g Iot Firmware +265
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +194
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +56
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Video while calling APIs with different instance ID than the one received in initialization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +33
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Linux while calling system configuration APIs. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +52
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Csrb31024 Firmware +46
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8064au Firmware Aqt1000 Firmware +94
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 315 5G Firmware 9205 Firmware +153
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5G Firmware Apq8017 Firmware +205
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Information disclosure in DSP Services while loading dynamic module. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fastconnect 6700 Firmware Fastconnect 6800 Firmware +63
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware +181
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Aqt1000 Firmware +60
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +113
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +268
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +149
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memoru corruption in Audio when ADSP sends input during record use case. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Csra6620 Firmware Csra6640 Firmware +124
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN HOST while receiving an WMI event from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +126
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Buffer Overflow Wcn3998 Firmware Qca6390 Firmware +163
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Graphics while importing a file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +218
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Qualcomm Buffer Overflow +95
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware +283
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Buffer Overflow +246
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Qualcomm Buffer Overflow Aqt1000 Firmware +45
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Buffer Overflow Aqt1000 Firmware +57
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware +78
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sm7250p Firmware Qcs6125 Firmware Sd855 Firmware +196
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Ar8035 Firmware +61
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qualcomm Denial Of Service +125
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Apq8009 Firmware +203
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Aqt1000 Firmware +97
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Qualcomm Buffer Overflow +145
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Aqt1000 Firmware +48
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Denial Of Service Apq8009 Firmware +233
NVD
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy