Total
161 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21628 | 1 Qualcomm | 566 Apq8017, Apq8017 Firmware, Apq8064au and 563 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
|
|||||
| CVE-2022-40532 | 1 Qualcomm | 706 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 703 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
|
|||||
| CVE-2022-40531 | 1 Qualcomm | 568 Apq8009, Apq8009 Firmware, Apq8017 and 565 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
|
|||||
| CVE-2022-40530 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8031 and 375 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
|
|||||
| CVE-2022-40527 | 1 Qualcomm | 198 Ar8035, Ar8035 Firmware, Csr8811 and 195 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.
|
|||||
| CVE-2022-40514 | 1 Qualcomm | 456 Aqt1000, Aqt1000 Firmware, Ar8031 and 453 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
|
|||||
| CVE-2022-40513 | 1 Qualcomm | 118 Csr8811, Csr8811 Firmware, Ipq5010 and 115 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non qos state.
|
|||||
| CVE-2022-40512 | 1 Qualcomm | 590 Apq8009, Apq8009 Firmware, Apq8017 and 587 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
|
|||||
| CVE-2022-40502 | 1 Qualcomm | 192 Csr8811, Csr8811 Firmware, Ipq5010 and 189 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS due to improper input validation in WLAN Host.
|
|||||
| CVE-2022-34146 | 1 Qualcomm | 194 Csr8811, Csr8811 Firmware, Ipq5010 and 191 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.
|
|||||
| CVE-2022-34145 | 1 Qualcomm | 188 Csr8811, Csr8811 Firmware, Ipq5010 and 185 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
|
|||||
| CVE-2022-33309 | 1 Qualcomm | 130 Csr8811, Csr8811 Firmware, Ipq5010 and 127 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.
|
|||||
| CVE-2022-33306 | 1 Qualcomm | 262 Ar8035, Ar8035 Firmware, Ar9380 and 259 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
|
|||||
| CVE-2022-33279 | 1 Qualcomm | 148 Ar9380, Ar9380 Firmware, Csr8811 and 145 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.
|
|||||
| CVE-2022-33277 | 1 Qualcomm | 486 Aqt1000, Aqt1000 Firmware, Ar8031 and 483 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
|
|||||
| CVE-2022-33275 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 515 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
|
|||||
| CVE-2022-33271 | 1 Qualcomm | 490 Apq8096au, Apq8096au Firmware, Aqt1000 and 487 more | 2024-11-21 | N/A | 8.2 HIGH |
|
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
|
|||||
| CVE-2022-33243 | 1 Qualcomm | 314 Apq8096au, Apq8096au Firmware, Aqt1000 and 311 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption due to improper access control in Qualcomm IPC.
|
|||||
| CVE-2022-25655 | 1 Qualcomm | 476 Apq8009, Apq8009 Firmware, Apq8017 and 473 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
|
|||||
| CVE-2022-25652 | 1 Qualcomm | 120 Csr8811, Csr8811 Firmware, Ipq5010 and 117 more | 2024-11-21 | N/A | 9.0 CRITICAL |
|
Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2022-22076 | 1 Qualcomm | 696 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8953pro and 693 more | 2024-11-21 | N/A | 7.1 HIGH |
|
information disclosure due to cryptographic issue in Core during RPMB read request.
|
|||||
| CVE-2021-35129 | 1 Qualcomm | 90 Ar8035, Ar8035 Firmware, Ipq5010 and 87 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-35103 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Ar9380 and 295 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-35088 | 1 Qualcomm | 370 Aqt1000, Aqt1000 Firmware, Ar8035 and 367 more | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
|
Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-35071 | 1 Qualcomm | 342 Aqt1000, Aqt1000 Firmware, Ar8035 and 339 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-35069 | 1 Qualcomm | 382 Apq8096au, Apq8096au Firmware, Aqt1000 and 379 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30335 | 1 Qualcomm | 348 Apq8009w, Apq8009w Firmware, Aqt1000 and 345 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30325 | 1 Qualcomm | 318 Apq8096au, Apq8096au Firmware, Ar8031 and 315 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30324 | 1 Qualcomm | 302 Apq8096au, Apq8096au Firmware, Ar8031 and 299 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30303 | 1 Qualcomm | 478 Apq8009, Apq8009 Firmware, Apq8017 and 475 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30272 | 1 Qualcomm | 392 Apq8009w, Apq8009w Firmware, Apq8017 and 389 more | 2024-11-21 | 7.2 HIGH | 7.3 HIGH |
|
Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30271 | 1 Qualcomm | 332 Apq8009w, Apq8009w Firmware, Apq8017 and 329 more | 2024-11-21 | 7.2 HIGH | 7.3 HIGH |
|
Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2024-33014 | 1 Qualcomm | 650 315 5g Iot Modem, 315 5g Iot Modem Firmware, 860 Mobile Platform and 647 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing ESP IE from beacon/probe response frame.
|
|||||
| CVE-2024-33015 | 1 Qualcomm | 390 Ar8035, Ar8035 Firmware, Csr8811 and 387 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
|
|||||
| CVE-2024-33025 | 1 Qualcomm | 338 Csr8811, Csr8811 Firmware, Fastconnect 6800 and 335 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
|
|||||
| CVE-2024-33024 | 1 Qualcomm | 362 Ar8035, Ar8035 Firmware, Csr8811 and 359 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
|
|||||
| CVE-2024-33018 | 1 Qualcomm | 302 Ar8035, Ar8035 Firmware, Csr8811 and 299 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.
|
|||||
| CVE-2024-33026 | 1 Qualcomm | 330 Ar8035, Ar8035 Firmware, Csr8811 and 327 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
|
|||||
| CVE-2024-33019 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Csr8811 and 295 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the received TID-to-link mapping action frame.
|
|||||
| CVE-2024-38408 | 1 Qualcomm | 470 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 467 more | 2024-11-08 | N/A | 9.1 CRITICAL |
|
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
|
|||||