Total
68 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21657 | 1 Qualcomm | 252 Csra6620, Csra6620 Firmware, Csra6640 and 249 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memoru corruption in Audio when ADSP sends input during record use case. | |||||
| CVE-2022-40533 | 1 Qualcomm | 220 Csra6620, Csra6620 Firmware, Csra6640 and 217 more | 2024-04-12 | N/A | 5.5 MEDIUM |
| Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request. | |||||
| CVE-2022-40532 | 1 Qualcomm | 706 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 703 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | |||||
| CVE-2022-40529 | 1 Qualcomm | 392 Aqt1000, Aqt1000 Firmware, Ar8031 and 389 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption due to improper access control in kernel while processing a mapping request from root process. | |||||
| CVE-2022-40523 | 1 Qualcomm | 370 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 367 more | 2024-04-12 | N/A | 5.5 MEDIUM |
| Information disclosure in Kernel due to indirect branch misprediction. | |||||
| CVE-2022-40503 | 1 Qualcomm | 370 8905, 8905 Firmware, 8909 and 367 more | 2024-04-12 | N/A | 7.5 HIGH |
| Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. | |||||
| CVE-2022-33288 | 1 Qualcomm | 256 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 253 more | 2024-04-12 | N/A | 8.8 HIGH |
| Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. | |||||
| CVE-2022-33275 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 515 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. | |||||
| CVE-2023-43536 | 1 Qualcomm | 618 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 615 more | 2024-04-12 | N/A | 7.5 HIGH |
| Transient DOS while parse fils IE with length equal to 1. | |||||
| CVE-2023-43534 | 1 Qualcomm | 132 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 129 more | 2024-04-12 | N/A | 9.8 CRITICAL |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. | |||||
| CVE-2023-43522 | 1 Qualcomm | 572 Aqt1000, Aqt1000 Firmware, Ar8035 and 569 more | 2024-04-12 | N/A | 7.5 HIGH |
| Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. | |||||
| CVE-2023-43520 | 1 Qualcomm | 140 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 137 more | 2024-04-12 | N/A | 9.8 CRITICAL |
| Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. | |||||
| CVE-2023-43514 | 1 Qualcomm | 166 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 163 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP. | |||||
| CVE-2023-43513 | 1 Qualcomm | 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. | |||||
| CVE-2023-43511 | 1 Qualcomm | 712 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 709 more | 2024-04-12 | N/A | 7.5 HIGH |
| Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. | |||||
| CVE-2023-33120 | 1 Qualcomm | 464 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 461 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in Audio when memory map command is executed consecutively in ADSP. | |||||
| CVE-2023-33118 | 1 Qualcomm | 271 Ar8035, Ar8035 Firmware, Csra6620 and 268 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL. | |||||
| CVE-2023-33117 | 1 Qualcomm | 282 Ar8035, Ar8035 Firmware, Csra6620 and 279 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command. | |||||
| CVE-2023-33116 | 1 Qualcomm | 204 Ar8035, Ar8035 Firmware, Ar9380 and 201 more | 2024-04-12 | N/A | 7.5 HIGH |
| Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver. | |||||
| CVE-2023-33114 | 1 Qualcomm | 224 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 221 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. | |||||