Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-28575 | 1 Qualcomm | 120 205, 205 Firmware, 215 and 117 more | 2024-04-12 | N/A | 7.8 HIGH |
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. | |||||
CVE-2023-28564 | 1 Qualcomm | 498 Aqt1000, Aqt1000 Firmware, Ar8031 and 495 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces. | |||||
CVE-2023-24855 | 1 Qualcomm | 126 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 123 more | 2024-04-12 | N/A | 9.8 CRITICAL |
Memory corruption in Modem while processing security related configuration before AS Security Exchange. | |||||
CVE-2023-22388 | 1 Qualcomm | 458 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 455 more | 2024-04-12 | N/A | 9.8 CRITICAL |
Memory Corruption in Multi-mode Call Processor while processing bit mask API. | |||||
CVE-2023-22387 | 1 Qualcomm | 542 205, 205 Firmware, 215 and 539 more | 2024-04-12 | N/A | 7.8 HIGH |
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. | |||||
CVE-2022-33246 | 1 Qualcomm | 84 Apq8096au, Apq8096au Firmware, Aqt1000 and 81 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id. | |||||
CVE-2022-25709 | 1 Qualcomm | 136 Ar8035, Ar8035 Firmware, Qca6174a and 133 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in modem due to use of out of range pointer offset while processing qmi msg | |||||
CVE-2022-25694 | 1 Qualcomm | 416 Apq8009, Apq8009 Firmware, Apq8009w and 413 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM | |||||
CVE-2023-43534 | 1 Qualcomm | 132 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 129 more | 2024-04-12 | N/A | 9.8 CRITICAL |
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. | |||||
CVE-2023-43516 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption when malformed message payload is received from firmware. | |||||
CVE-2023-43513 | 1 Qualcomm | 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. | |||||
CVE-2023-33110 | 1 Qualcomm | 246 Snapdragon 425 Mobile Platform, Snapdragon 425 Mobile Platform Firmware, Snapdragon 427 Mobile Platform and 243 more | 2024-04-12 | N/A | 7.0 HIGH |
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption. | |||||
CVE-2023-33106 | 1 Qualcomm | 306 Ar8035, Ar8035 Firmware, Csra6620 and 303 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. | |||||
CVE-2023-33079 | 1 Qualcomm | 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Audio while running invalid audio recording from ADSP. | |||||
CVE-2023-33067 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. | |||||
CVE-2023-33033 | 1 Qualcomm | 528 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 525 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Audio during playback with speaker protection. | |||||
CVE-2023-43553 | 2024-04-12 | N/A | 9.8 CRITICAL | ||
Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE. | |||||
CVE-2023-33066 | 2024-04-12 | N/A | 8.4 HIGH | ||
Memory corruption in Audio while processing RT proxy port register driver. | |||||
CVE-2024-1013 | 2024-03-18 | N/A | 7.1 HIGH | ||
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken. | |||||
CVE-2023-20187 | 1 Cisco | 8 Asr1000-esp100, Asr1000-esp200, Asr1000-esp40 and 5 more | 2024-01-25 | N/A | 7.5 HIGH |
A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect handling of certain IPv6 multicast packets when they are fanned out more than seven times on an affected device. An attacker could exploit this vulnerability by sending a specific IPv6 multicast or IPv6 multicast VPN (MVPNv6) packet through the affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition. |