Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP...
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update...
7.8CVSS
8AI Score
0.0004EPSS
Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting...
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any...
7.8CVSS
7.7AI Score
0.0004EPSS
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI...
7.8CVSS
7.9AI Score
0.0004EPSS
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration...
5.9CVSS
5.7AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to stack based buffer overflow in core while sending command from USB of large...
7.8CVSS
8AI Score
0.001EPSS
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE...
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi...
7.8CVSS
8AI Score
0.0004EPSS
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption in FM Host due to buffer copy without checking the size of input in FM...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Linux android due to double free while calling unregister provider after register...
7.8CVSS
7.8AI Score
0.0004EPSS
Information disclosure due to buffer over-read in Modem while using static array to process IPv4...
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl...
7.8CVSS
7.8AI Score
0.0004EPSS
8.8CVSS
9.3AI Score
0.001EPSS
Memory corruption in modem due to improper input validation while handling the incoming CoAP...
9.8CVSS
9.5AI Score
0.001EPSS
Information disclosure in modem due to buffer over-read while processing packets from DNS...
7.5CVSS
7.5AI Score
0.001EPSS
Denial of service in modem due to missing null check while processing IP packets with...
7.5CVSS
7.4AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response...
7.5CVSS
7.4AI Score
0.001EPSS
Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services...
7.5CVSS
7.4AI Score
0.0004EPSS
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory...
7CVSS
7.3AI Score
0.0004EPSS
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from...
7.5CVSS
7.5AI Score
0.0005EPSS
Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects...
7.8CVSS
7.7AI Score
0.0004EPSS
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL...
7.8CVSS
7.7AI Score
0.0004EPSS
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management...
7.5CVSS
7.4AI Score
0.0004EPSS
Memory corruption in Audio while processing IIR config data from AFE calibration...
7.8CVSS
7.6AI Score
0.0004EPSS
5.5CVSS
7.6AI Score
0.0004EPSS
5.5CVSS
7.4AI Score
0.0004EPSS
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB...
5.5CVSS
7.4AI Score
0.0004EPSS
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI...
5.5CVSS
7.4AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal...
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption while parsing beacon/probe response frame when AP sends more supported links in...
9.8CVSS
7.6AI Score
0.001EPSS
Memory corruption while processing a QMI request for allocating memory from a DHMS supported...
7.8CVSS
7.7AI Score
0.0004EPSS
Memory corruption while invoking the SubmitCommands call on Gfx engine during the graphics...
8.4CVSS
7.6AI Score
0.0004EPSS
Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in...
7.5CVSS
7.4AI Score
0.0005EPSS
Memory corruption in Data Modem while verifying hello-verify message during the DTLS...
9.8CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement...
7.5CVSS
7.5AI Score
0.0005EPSS
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to...
7CVSS
6.9AI Score
0.0004EPSS
7.8CVSS
7.4AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS