Total
32 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-47402 | 1 Qualcomm | 188 Ar8035, Ar8035 Firmware, Cologne and 185 more | 2026-02-11 | N/A | 6.5 MEDIUM |
|
Transient DOS when processing a received frame with an excessively large authentication information element.
|
|||||
| CVE-2025-21429 | 1 Qualcomm | 364 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 361 more | 2026-02-10 | N/A | 7.5 HIGH |
|
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
|
|||||
| CVE-2025-21463 | 1 Qualcomm | 422 Ar8035, Ar8035 Firmware, Csr8811 and 419 more | 2025-11-28 | N/A | 7.5 HIGH |
|
Transient DOS while processing the EHT operation IE in the received beacon frame.
|
|||||
| CVE-2025-27066 | 1 Qualcomm | 744 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 741 more | 2025-11-28 | N/A | 7.5 HIGH |
|
Transient DOS while processing an ANQP message.
|
|||||
| CVE-2025-47370 | 1 Qualcomm | 272 Ar8035, Ar8035 Firmware, Csrb31024 and 269 more | 2025-11-05 | N/A | 6.5 MEDIUM |
|
Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.
|
|||||
| CVE-2025-21448 | 1 Qualcomm | 538 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 535 more | 2025-10-06 | N/A | 7.5 HIGH |
|
Transient DOS may occur while parsing SSID in action frames.
|
|||||
| CVE-2025-21435 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Csr8811 and 295 more | 2025-10-06 | N/A | 7.5 HIGH |
|
Transient DOS may occur while parsing extended IE in beacon.
|
|||||
| CVE-2025-21434 | 1 Qualcomm | 244 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 241 more | 2025-10-06 | N/A | 7.5 HIGH |
|
Transient DOS may occur while parsing EHT operation IE or EHT capability IE.
|
|||||
| CVE-2025-21430 | 1 Qualcomm | 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 447 more | 2025-10-06 | N/A | 7.5 HIGH |
|
Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.
|
|||||
| CVE-2024-23364 | 1 Qualcomm | 358 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 355 more | 2025-10-03 | N/A | 7.5 HIGH |
|
Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).
|
|||||
| CVE-2025-27057 | 1 Qualcomm | 422 Ar8035, Ar8035 Firmware, Csr8811 and 419 more | 2025-09-25 | N/A | 7.5 HIGH |
|
Transient DOS while handling beacon frames with invalid IE header length.
|
|||||
| CVE-2025-27073 | 1 Qualcomm | 340 Ar8035, Ar8035 Firmware, Csr8811 and 337 more | 2025-08-20 | N/A | 7.5 HIGH |
|
Transient DOS while creating NDP instance.
|
|||||
| CVE-2025-27065 | 1 Qualcomm | 300 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 297 more | 2025-08-20 | N/A | 7.5 HIGH |
|
Transient DOS while processing a frame with malformed shared-key descriptor.
|
|||||
| CVE-2024-45558 | 1 Qualcomm | 366 Ar8035, Ar8035 Firmware, Csr8811 and 363 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
|
|||||
| CVE-2024-53027 | 1 Qualcomm | 424 205, 205 Firmware, Apq8017 and 421 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS may occur while processing the country IE.
|
|||||
| CVE-2024-33050 | 1 Qualcomm | 514 Ar8035, Ar8035 Firmware, Ar9380 and 511 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
|
|||||
| CVE-2024-33057 | 1 Qualcomm | 342 Ar8035, Ar8035 Firmware, Csr8811 and 339 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
|
|||||
| CVE-2025-21446 | 1 Qualcomm | 480 Ar8035, Ar8035 Firmware, Ar9380 and 477 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
|
|||||
| CVE-2024-49839 | 1 Qualcomm | 372 Ar8035, Ar8035 Firmware, Csr8811 and 369 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Memory corruption during management frame processing due to mismatch in T2LM info element.
|
|||||
| CVE-2024-33049 | 1 Qualcomm | 262 Csr8811, Csr8811 Firmware, Fastconnect 6700 and 259 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
|
|||||
| CVE-2024-33048 | 1 Qualcomm | 378 Ar8035, Ar8035 Firmware, Csr8811 and 375 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
|
|||||
| CVE-2025-21459 | 1 Qualcomm | 248 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 245 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing per STA profile in ML IE.
|
|||||
| CVE-2024-49838 | 1 Qualcomm | 338 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 335 more | 2025-02-05 | N/A | 8.2 HIGH |
|
Information disclosure while parsing the OCI IE with invalid length.
|
|||||
| CVE-2024-45571 | 1 Qualcomm | 300 Ar8035, Ar8035 Firmware, Csr8811 and 297 more | 2025-02-05 | N/A | 7.8 HIGH |
|
Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
|
|||||
| CVE-2024-45569 | 1 Qualcomm | 348 Ar8035, Ar8035 Firmware, Csr8811 and 345 more | 2025-02-05 | N/A | 9.8 CRITICAL |
|
Memory corruption while parsing the ML IE due to invalid frame content.
|
|||||
| CVE-2024-33063 | 1 Qualcomm | 248 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 245 more | 2024-12-12 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.
|
|||||
| CVE-2024-33056 | 1 Qualcomm | 658 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 655 more | 2024-12-12 | N/A | 8.4 HIGH |
|
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
|
|||||
| CVE-2024-38408 | 1 Qualcomm | 470 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 467 more | 2024-11-08 | N/A | 9.1 CRITICAL |
|
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
|
|||||
| CVE-2024-33068 | 1 Qualcomm | 244 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 241 more | 2024-11-07 | N/A | 6.5 MEDIUM |
|
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
|
|||||
| CVE-2024-38403 | 1 Qualcomm | 156 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 153 more | 2024-11-07 | N/A | 6.5 MEDIUM |
|
Transient DOS while parsing BTM ML IE when per STA profile is not included.
|
|||||
| CVE-2024-38405 | 1 Qualcomm | 198 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 195 more | 2024-11-07 | N/A | 6.5 MEDIUM |
|
Transient DOS while processing the CU information from RNR IE.
|
|||||
| CVE-2024-33069 | 1 Qualcomm | 88 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 85 more | 2024-10-16 | N/A | 7.5 HIGH |
|
Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host.
|
|||||