Total
163 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33112 | 1 Qualcomm | 254 Ar8035, Ar8035 Firmware, Csra6620 and 251 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.
|
|||||
| CVE-2025-21446 | 1 Qualcomm | 480 Ar8035, Ar8035 Firmware, Ar9380 and 477 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
|
|||||
| CVE-2024-49839 | 1 Qualcomm | 372 Ar8035, Ar8035 Firmware, Csr8811 and 369 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Memory corruption during management frame processing due to mismatch in T2LM info element.
|
|||||
| CVE-2023-28554 | 1 Qualcomm | 296 Aqt1000, Aqt1000 Firmware, Ar9380 and 293 more | 2025-08-11 | N/A | 6.1 MEDIUM |
|
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
|
|||||
| CVE-2023-28570 | 1 Qualcomm | 168 Aqt1000, Aqt1000 Firmware, Ar8035 and 165 more | 2025-08-11 | N/A | 6.7 MEDIUM |
|
Memory corruption while processing audio effects.
|
|||||
| CVE-2023-33098 | 1 Qualcomm | 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 523 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
|
|||||
| CVE-2023-28539 | 1 Qualcomm | 314 Ar8035, Ar8035 Firmware, Ar9380 and 311 more | 2025-08-11 | N/A | 6.6 MEDIUM |
|
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.
|
|||||
| CVE-2023-33080 | 1 Qualcomm | 732 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 729 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
|
|||||
| CVE-2023-24854 | 1 Qualcomm | 326 215, 215 Firmware, Ar8035 and 323 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.
|
|||||
| CVE-2023-33027 | 1 Qualcomm | 656 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 653 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware while parsing rsn ies.
|
|||||
| CVE-2024-33049 | 1 Qualcomm | 262 Csr8811, Csr8811 Firmware, Fastconnect 6700 and 259 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
|
|||||
| CVE-2024-38397 | 1 Qualcomm | 232 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 229 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing probe response and assoc response frame.
|
|||||
| CVE-2023-24851 | 1 Qualcomm | 382 Ar8035, Ar8035 Firmware, Csr8811 and 379 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
|
|||||
| CVE-2023-33109 | 1 Qualcomm | 620 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 617 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
|
|||||
| CVE-2023-33026 | 1 Qualcomm | 390 Ar8035, Ar8035 Firmware, Ar9380 and 387 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware while parsing a NAN management frame.
|
|||||
| CVE-2023-43533 | 1 Qualcomm | 476 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 473 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
|
|||||
| CVE-2024-33048 | 1 Qualcomm | 378 Ar8035, Ar8035 Firmware, Csr8811 and 375 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
|
|||||
| CVE-2023-33047 | 1 Qualcomm | 356 Ar8035, Ar8035 Firmware, Ar9380 and 353 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware while parsing no-inherit IES.
|
|||||
| CVE-2025-21459 | 1 Qualcomm | 248 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 245 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing per STA profile in ML IE.
|
|||||
| CVE-2023-22386 | 1 Qualcomm | 402 215, 215 Firmware, Ar8035 and 399 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
|
|||||
| CVE-2024-33073 | 1 Qualcomm | 318 Ar8035, Ar8035 Firmware, Csr8811 and 315 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
|
|||||
| CVE-2023-28587 | 1 Qualcomm | 380 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 377 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.
|
|||||
| CVE-2022-25736 | 1 Qualcomm | 486 Aqt1000, Aqt1000 Firmware, Ar8031 and 483 more | 2025-05-09 | N/A | 7.5 HIGH |
|
Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2022-25720 | 1 Qualcomm | 370 Apq8009, Apq8009 Firmware, Apq8009w and 367 more | 2025-05-09 | N/A | 9.8 CRITICAL |
|
Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||
| CVE-2022-25718 | 1 Qualcomm | 284 Apq8009, Apq8009 Firmware, Apq8009w and 281 more | 2025-05-09 | N/A | 9.1 CRITICAL |
|
Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2022-33239 | 1 Qualcomm | 468 Apq8009, Apq8009 Firmware, Apq8017 and 465 more | 2025-04-22 | N/A | 7.5 HIGH |
|
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2022-33237 | 1 Qualcomm | 476 Aqt1000, Aqt1000 Firmware, Ar8031 and 473 more | 2025-04-22 | N/A | 7.5 HIGH |
|
Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2022-33235 | 1 Qualcomm | 492 Apq8009, Apq8009 Firmware, Apq8096au and 489 more | 2025-04-22 | N/A | 8.2 HIGH |
|
Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2022-25749 | 1 Qualcomm | 552 Apq8009, Apq8009 Firmware, Apq8017 and 549 more | 2025-04-22 | N/A | 7.5 HIGH |
|
Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2022-25748 | 1 Qualcomm | 546 Apq8009, Apq8009 Firmware, Apq8017 and 543 more | 2025-04-22 | N/A | 9.8 CRITICAL |
|
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2022-25741 | 1 Qualcomm | 250 Aqt1000, Aqt1000 Firmware, Ar8035 and 247 more | 2025-04-22 | N/A | 7.5 HIGH |
|
Denial of service in WLAN due to potential null pointer dereference while accessing the memory location in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
|
|||||
| CVE-2022-33238 | 1 Qualcomm | 568 Apq8009, Apq8009 Firmware, Apq8017 and 565 more | 2025-04-22 | N/A | 7.5 HIGH |
|
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2022-33276 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2025-04-09 | N/A | 8.4 HIGH |
|
Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.
|
|||||
| CVE-2022-33253 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-04-09 | N/A | 7.5 HIGH |
|
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.
|
|||||
| CVE-2022-33252 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-04-09 | N/A | 8.2 HIGH |
|
Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.
|
|||||
| CVE-2022-33286 | 1 Qualcomm | 562 Apq8009, Apq8009 Firmware, Apq8017 and 559 more | 2025-04-09 | N/A | 7.5 HIGH |
|
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
|
|||||
| CVE-2022-33285 | 1 Qualcomm | 556 Apq8009, Apq8009 Firmware, Apq8017 and 553 more | 2025-04-09 | N/A | 7.5 HIGH |
|
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
|
|||||
| CVE-2022-33284 | 1 Qualcomm | 352 Aqt1000, Aqt1000 Firmware, Ar8035 and 349 more | 2025-04-09 | N/A | 8.2 HIGH |
|
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
|
|||||
| CVE-2022-33283 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2025-04-09 | N/A | 8.2 HIGH |
|
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.
|
|||||
| CVE-2024-49838 | 1 Qualcomm | 338 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 335 more | 2025-02-05 | N/A | 8.2 HIGH |
|
Information disclosure while parsing the OCI IE with invalid length.
|
|||||