Total
163 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-47402 | 1 Qualcomm | 188 Ar8035, Ar8035 Firmware, Cologne and 185 more | 2026-02-11 | N/A | 6.5 MEDIUM |
|
Transient DOS when processing a received frame with an excessively large authentication information element.
|
|||||
| CVE-2025-21429 | 1 Qualcomm | 364 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 361 more | 2026-02-10 | N/A | 7.5 HIGH |
|
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
|
|||||
| CVE-2025-21463 | 1 Qualcomm | 422 Ar8035, Ar8035 Firmware, Csr8811 and 419 more | 2025-11-28 | N/A | 7.5 HIGH |
|
Transient DOS while processing the EHT operation IE in the received beacon frame.
|
|||||
| CVE-2025-47318 | 1 Qualcomm | 406 Apq8017, Apq8017 Firmware, Apq8064au and 403 more | 2025-11-28 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the EPTM test control message to get the test pattern.
|
|||||
| CVE-2025-27066 | 1 Qualcomm | 744 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 741 more | 2025-11-28 | N/A | 7.5 HIGH |
|
Transient DOS while processing an ANQP message.
|
|||||
| CVE-2025-47370 | 1 Qualcomm | 272 Ar8035, Ar8035 Firmware, Csrb31024 and 269 more | 2025-11-05 | N/A | 6.5 MEDIUM |
|
Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.
|
|||||
| CVE-2025-21448 | 1 Qualcomm | 538 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 535 more | 2025-10-06 | N/A | 7.5 HIGH |
|
Transient DOS may occur while parsing SSID in action frames.
|
|||||
| CVE-2025-21435 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Csr8811 and 295 more | 2025-10-06 | N/A | 7.5 HIGH |
|
Transient DOS may occur while parsing extended IE in beacon.
|
|||||
| CVE-2025-21434 | 1 Qualcomm | 244 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 241 more | 2025-10-06 | N/A | 7.5 HIGH |
|
Transient DOS may occur while parsing EHT operation IE or EHT capability IE.
|
|||||
| CVE-2025-21430 | 1 Qualcomm | 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 447 more | 2025-10-06 | N/A | 7.5 HIGH |
|
Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.
|
|||||
| CVE-2025-21428 | 1 Qualcomm | 138 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 135 more | 2025-10-06 | N/A | 7.5 HIGH |
|
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session.
|
|||||
| CVE-2024-23364 | 1 Qualcomm | 358 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 355 more | 2025-10-03 | N/A | 7.5 HIGH |
|
Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).
|
|||||
| CVE-2025-27057 | 1 Qualcomm | 422 Ar8035, Ar8035 Firmware, Csr8811 and 419 more | 2025-09-25 | N/A | 7.5 HIGH |
|
Transient DOS while handling beacon frames with invalid IE header length.
|
|||||
| CVE-2025-27073 | 1 Qualcomm | 340 Ar8035, Ar8035 Firmware, Csr8811 and 337 more | 2025-08-20 | N/A | 7.5 HIGH |
|
Transient DOS while creating NDP instance.
|
|||||
| CVE-2025-27065 | 1 Qualcomm | 300 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 297 more | 2025-08-20 | N/A | 7.5 HIGH |
|
Transient DOS while processing a frame with malformed shared-key descriptor.
|
|||||
| CVE-2024-21459 | 1 Qualcomm | 350 Ar8035, Ar8035 Firmware, Ar9380 and 347 more | 2025-08-15 | N/A | 6.5 MEDIUM |
|
Information disclosure while handling beacon or probe response frame in STA.
|
|||||
| CVE-2023-28566 | 1 Qualcomm | 250 Aqt1000, Aqt1000 Firmware, Csrb31024 and 247 more | 2025-08-11 | N/A | 6.1 MEDIUM |
|
Information disclosure in WLAN HAL while handling the WMI state info command.
|
|||||
| CVE-2023-28542 | 1 Qualcomm | 376 315 5g Iot, 315 5g Iot Firmware, Apq8064au and 373 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory Corruption in WLAN HOST while fetching TX status information.
|
|||||
| CVE-2023-28541 | 1 Qualcomm | 398 Aqt1000, Aqt1000 Firmware, Ar8031 and 395 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
|
|||||
| CVE-2023-28571 | 1 Qualcomm | 172 8098, 8098 Firmware, 8998 and 169 more | 2025-08-11 | N/A | 6.1 MEDIUM |
|
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.
|
|||||
| CVE-2023-43520 | 1 Qualcomm | 140 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 137 more | 2025-08-11 | N/A | 8.6 HIGH |
|
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
|
|||||
| CVE-2024-45558 | 1 Qualcomm | 366 Ar8035, Ar8035 Firmware, Csr8811 and 363 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
|
|||||
| CVE-2024-53027 | 1 Qualcomm | 424 205, 205 Firmware, Apq8017 and 421 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS may occur while processing the country IE.
|
|||||
| CVE-2023-33113 | 1 Qualcomm | 254 Ar8035, Ar8035 Firmware, Csra6620 and 251 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
|
|||||
| CVE-2023-43534 | 1 Qualcomm | 132 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 129 more | 2025-08-11 | N/A | 8.6 HIGH |
|
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.
|
|||||
| CVE-2023-43522 | 1 Qualcomm | 572 Aqt1000, Aqt1000 Firmware, Ar8035 and 569 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
|
|||||
| CVE-2023-28569 | 1 Qualcomm | 416 Aqt1000, Aqt1000 Firmware, Ar9380 and 413 more | 2025-08-11 | N/A | 6.1 MEDIUM |
|
Information disclosure in WLAN HAL while handling command through WMI interfaces.
|
|||||
| CVE-2023-43511 | 1 Qualcomm | 712 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 709 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.
|
|||||
| CVE-2024-33050 | 1 Qualcomm | 514 Ar8035, Ar8035 Firmware, Ar9380 and 511 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
|
|||||
| CVE-2023-33062 | 1 Qualcomm | 580 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 577 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware while parsing a BTM request.
|
|||||
| CVE-2023-43552 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Csr8811 and 295 more | 2025-08-11 | N/A | 9.8 CRITICAL |
|
Memory corruption while processing MBSSID beacon containing several subelement IE.
|
|||||
| CVE-2024-33051 | 1 Qualcomm | 578 315 5g Iot, 315 5g Iot Firmware, 9206 Lte and 575 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
|
|||||
| CVE-2023-28550 | 1 Qualcomm | 670 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 667 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
|
|||||
| CVE-2023-33028 | 1 Qualcomm | 352 Ar8035, Ar8035 Firmware, Ar9380 and 349 more | 2025-08-11 | N/A | 9.8 CRITICAL |
|
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
|
|||||
| CVE-2023-43536 | 1 Qualcomm | 618 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 615 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parse fils IE with length equal to 1.
|
|||||
| CVE-2023-33089 | 1 Qualcomm | 456 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 453 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS when processing a NULL buffer while parsing WLAN vdev.
|
|||||
| CVE-2023-28563 | 1 Qualcomm | 460 Aqt1000, Aqt1000 Firmware, Ar8031 and 457 more | 2025-08-11 | N/A | 6.1 MEDIUM |
|
Information disclosure in IOE Firmware while handling WMI command.
|
|||||
| CVE-2023-43537 | 1 Qualcomm | 224 Ar8035, Ar8035 Firmware, Csr8811 and 221 more | 2025-08-11 | N/A | 6.5 MEDIUM |
|
Information disclosure while handling T2LM Action Frame in WLAN Host.
|
|||||
| CVE-2023-33088 | 1 Qualcomm | 612 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 609 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption when processing cmd parameters while parsing vdev.
|
|||||
| CVE-2024-33057 | 1 Qualcomm | 342 Ar8035, Ar8035 Firmware, Csr8811 and 339 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
|
|||||