Lucene search

Qca2062 Firmware Security Vulnerabilities

cve

CVE-2020-11264

Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap...

9.8CVSS

8.1AI Score

0.002EPSS

2021-09-08 12:15 PM

cve

CVE-2021-1903

Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...

5.3CVSS

5.5AI Score

0.001EPSS

2021-11-12 07:15 AM

cve

CVE-2021-1937

Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobi...

7.5CVSS

7.6AI Score

0.001EPSS

2021-06-09 07:15 AM

cve

CVE-2021-1938

Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdr...

7.5CVSS

7.6AI Score

0.001EPSS

2021-07-13 06:15 AM

cve

CVE-2021-1941

Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, ...

7.5CVSS

7.6AI Score

0.001EPSS

2021-09-09 08:15 AM

cve

CVE-2021-1948

Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon ...

7.5CVSS

7.5AI Score

0.001EPSS

2021-09-09 08:15 AM

cve

CVE-2021-1953

Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon M...

7.5CVSS

7.6AI Score

0.001EPSS

2021-07-13 06:15 AM

cve

CVE-2021-1960

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

6.5CVSS

6.5AI Score

0.001EPSS

2021-09-09 08:15 AM

cve

CVE-2021-1971

Possible assertion due to lack of physical layer state validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.5CVSS

7.4AI Score

0.001EPSS

2021-09-09 08:15 AM

cve

CVE-2021-1980

Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...

9.1CVSS

7.6AI Score

0.002EPSS

2021-10-20 07:15 AM

cve

CVE-2021-30260

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,...

8.4CVSS

8AI Score

0.0004EPSS

2021-09-17 07:15 AM

cve

CVE-2021-30271

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, ...

7.8CVSS

7.7AI Score

0.0004EPSS

2022-01-03 08:15 AM

cve

CVE-2021-30288

Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon M...

8.4CVSS

7.4AI Score

0.0004EPSS

2021-10-20 07:15 AM

cve

CVE-2021-30302

Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrast...

7.5CVSS

7.3AI Score

0.001EPSS

2021-10-20 07:15 AM

cve

CVE-2021-30303

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

7.8CVSS

8AI Score

0.0004EPSS

2022-01-03 08:15 AM

cve

CVE-2021-30304

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

9.1CVSS

9.1AI Score

0.002EPSS

2021-10-20 07:15 AM

cve

CVE-2021-30348

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.5CVSS

6.5AI Score

0.001EPSS

2022-01-03 08:15 AM

cve

CVE-2021-35129

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.8CVSS

8AI Score

0.0004EPSS

2022-06-14 10:15 AM

cve

CVE-2022-25663

Possible buffer overflow due to lack of buffer length check during management frame Rx handling lead to denial of service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

5.5CVSS

5.8AI Score

0.0004EPSS

2022-10-19 11:15 AM

cve

CVE-2022-25736

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.5CVSS

7.5AI Score

0.001EPSS

2022-10-19 11:15 AM

cve

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS

9.8AI Score

0.002EPSS

2022-10-19 11:15 AM

cve

CVE-2022-25749

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...

7.5CVSS

7.7AI Score

0.001EPSS

2022-10-19 11:15 AM

cve

CVE-2022-33235

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

8.2CVSS

7.7AI Score

0.001EPSS

2022-12-13 04:15 PM

cve

CVE-2022-33237

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...

7.5CVSS

7.7AI Score

0.001EPSS

2022-11-15 10:15 AM

cve

CVE-2022-33238

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mo...

7.5CVSS

7.6AI Score

0.001EPSS

2022-12-13 04:15 PM

cve

CVE-2022-33239

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

7.5CVSS

7.6AI Score

0.001EPSS

2022-11-15 10:15 AM

cve

CVE-2022-33252

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.

8.2CVSS

5.5AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33253

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.

7.5CVSS

5.6AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

8.2CVSS

7.5AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

8.4CVSS

7.7AI Score

0.0004EPSS

2023-09-05 07:15 AM

cve

CVE-2022-33276

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

8.4CVSS

7.8AI Score

0.0004EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

8.4CVSS

7.8AI Score

0.0004EPSS

2023-02-12 04:15 AM

cve

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

8.2CVSS

6.5AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33284

Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.

8.2CVSS

6.5AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

7.5CVSS

6.5AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

7.5CVSS

6.5AI Score

0.0005EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33306

Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.

7.5CVSS

7.5AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

7.5CVSS

7.6AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

9.8CVSS

9.6AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

8.4CVSS

8AI Score

0.0004EPSS

2023-03-10 09:15 PM

cve

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS

7.7AI Score

0.0004EPSS

2023-03-10 09:15 PM

cve

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

8.4CVSS

7.9AI Score

0.0004EPSS

2023-04-13 07:15 AM

cve

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

7.5CVSS

7.5AI Score

0.001EPSS

2023-06-06 08:15 AM

cve

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header fields.

7.5CVSS

7.5AI Score

0.001EPSS

2023-06-06 08:15 AM

cve

CVE-2023-28548

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-09-05 07:15 AM

cve

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-09-05 07:15 AM

cve

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-09-05 07:15 AM

cve

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-09-05 07:15 AM

cve

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-09-05 07:15 AM

Total number of security vulnerabilities67