Mdm9650 Firmware Security Vulnerabilities
Memory corruption in Audio while processing IIR config data from AFE calibration...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Audio while processing the calibration data returned from ACDB...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap...
7.8CVSS
7.9AI Score
0.0004EPSS
5.5CVSS
5.5AI Score
0.0004EPSS
7.1CVSS
6.8AI Score
0.0004EPSS
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next...
7.5CVSS
7.5AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption when resource manager sends the host kernel a reply message with multiple...
8.4CVSS
7.7AI Score
0.0004EPSS
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA...
7.5CVSS
7.5AI Score
0.0005EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL...
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management...
7.5CVSS
7.5AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in...
6.5CVSS
6.4AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data...
7.8CVSS
7.8AI Score
0.0004EPSS
6.1CVSS
5.5AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming...
6.1CVSS
5.5AI Score
0.0004EPSS
8.2CVSS
7.3AI Score
0.001EPSS
8.4CVSS
7.9AI Score
0.0004EPSS
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA...
7.5CVSS
7.5AI Score
0.0005EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA...
7.5CVSS
7.5AI Score
0.0005EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
Information disclosure in Network Services due to buffer over-read while the device receives DNS...
8.2CVSS
7.4AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS...
9.8CVSS
9.6AI Score
0.001EPSS
Memory Corruption in Data Modem while processing DMA buffer release event about CFR...
7.8CVSS
7.7AI Score
0.0004EPSS
6.8CVSS
6.6AI Score
0.001EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
7.9AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request...
7.9CVSS
8AI Score
0.001EPSS
7.1CVSS
5.2AI Score
0.0004EPSS
Memory Corruption in Graphics while accessing a buffer allocated through the graphics...
8.4CVSS
7.7AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to...
8.4CVSS
7.9AI Score
0.0004EPSS
8.2CVSS
7.4AI Score
0.001EPSS
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from...
6.8CVSS
6.8AI Score
0.001EPSS
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata...
9.8CVSS
9.5AI Score
0.001EPSS
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP...
9.8CVSS
9.5AI Score
0.001EPSS
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID...
8.4CVSS
7.7AI Score
0.0004EPSS
6.2CVSS
5.3AI Score
0.0004EPSS