Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Qca4004 Firmware Security Vulnerabilities

cve
cve

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

9.3CVSS

7AI Score

0.0004EPSS

2023-03-10 09:15 PM
38
cve
cve

CVE-2022-33258

Information disclosure due to buffer over-read in modem while reading configuration parameters.

8.2CVSS

7.5AI Score

0.001EPSS

2023-04-13 07:15 AM
35
cve
cve

CVE-2022-33259

Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.

9.8CVSS

9.6AI Score

0.001EPSS

2023-04-13 07:15 AM
37
cve
cve

CVE-2022-33287

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.

8.2CVSS

7.5AI Score

0.001EPSS

2023-04-13 07:15 AM
31
cve
cve

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8CVSS

6.8AI Score

0.001EPSS

2023-04-13 07:15 AM
41
cve
cve

CVE-2022-33291

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.

8.2CVSS

7.4AI Score

0.001EPSS

2023-04-13 07:15 AM
303
2
cve
cve

CVE-2022-33294

Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.

7.5CVSS

7.5AI Score

0.001EPSS

2023-04-13 07:15 AM
204
2
cve
cve

CVE-2022-33295

Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.

8.2CVSS

7.5AI Score

0.001EPSS

2023-04-13 07:15 AM
46
cve
cve

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-04-13 07:15 AM
49
cve
cve

CVE-2022-33304

Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.

7.5CVSS

7.5AI Score

0.001EPSS

2023-05-02 06:15 AM
33
cve
cve

CVE-2022-40505

Information disclosure due to buffer over-read in Modem while parsing DNS hostname.

8.2CVSS

7.5AI Score

0.001EPSS

2023-05-02 06:15 AM
35
cve
cve

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

8.4CVSS

7.8AI Score

0.0004EPSS

2023-06-06 08:15 AM
34
cve
cve

CVE-2022-40516

Memory corruption in Core due to stack-based buffer overflow.

8.4CVSS

7.8AI Score

0.0004EPSS

2023-01-09 08:15 AM
37
cve
cve

CVE-2022-40517

Memory corruption in core due to stack-based buffer overflow

8.4CVSS

8AI Score

0.0004EPSS

2023-01-09 08:15 AM
16
cve
cve

CVE-2022-40518

Information disclosure due to buffer overread in Core

6.8CVSS

5.5AI Score

0.0004EPSS

2023-01-09 08:15 AM
26
cve
cve

CVE-2022-40519

Information disclosure due to buffer overread in Core

6.8CVSS

5.5AI Score

0.0004EPSS

2023-01-09 08:15 AM
20
cve
cve

CVE-2022-40520

Memory corruption due to stack-based buffer overflow in Core

8.4CVSS

8AI Score

0.0004EPSS

2023-01-09 08:15 AM
28
cve
cve

CVE-2022-40521

Transient DOS due to improper authorization in Modem

7.5CVSS

7.5AI Score

0.001EPSS

2023-06-06 08:15 AM
45
cve
cve

CVE-2022-40523

Information disclosure in Kernel due to indirect branch misprediction.

7.1CVSS

5.4AI Score

0.0004EPSS

2023-06-06 08:15 AM
40
cve
cve

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS

7.7AI Score

0.0004EPSS

2023-03-10 09:15 PM
45
cve
cve

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

8.4CVSS

7.9AI Score

0.0004EPSS

2023-04-13 07:15 AM
58
cve
cve

CVE-2023-21625

Information disclosure in Network Services due to buffer over-read while the device receives DNS response.

8.2CVSS

7.4AI Score

0.001EPSS

2023-08-08 10:15 AM
45
cve
cve

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

7.1CVSS

7AI Score

0.0004EPSS

2023-08-08 10:15 AM
50
cve
cve

CVE-2023-21631

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

9.8CVSS

9.4AI Score

0.001EPSS

2023-07-04 05:15 AM
50
cve
cve

CVE-2023-21651

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

9.3CVSS

7.5AI Score

0.0004EPSS

2023-08-08 10:15 AM
42
cve
cve

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

9.8CVSS

9.3AI Score

0.001EPSS

2023-10-03 06:15 AM
36
cve
cve

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

9.8CVSS

9.3AI Score

0.001EPSS

2023-11-07 06:15 AM
50
cve
cve

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

8.4CVSS

7.5AI Score

0.0004EPSS

2023-11-07 06:15 AM
36
cve
cve

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

8.2CVSS

7.7AI Score

0.0004EPSS

2023-11-07 06:15 AM
35
cve
cve

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

7.8CVSS

7.6AI Score

0.0004EPSS

2023-12-05 03:15 AM
24
cve
cve

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-12-05 03:15 AM
30
cve
cve

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-12-05 03:15 AM
27
cve
cve

CVE-2023-28556

Cryptographic issue in HLOS during key management.

7.8CVSS

7.6AI Score

0.0004EPSS

2023-11-07 06:15 AM
40
cve
cve

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-09-05 07:15 AM
33
cve
cve

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI command.

6.1CVSS

5.5AI Score

0.0004EPSS

2023-11-07 06:15 AM
45
cve
cve

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-09-05 07:15 AM
24
cve
cve

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

8.8CVSS

8.8AI Score

0.0004EPSS

2023-12-05 03:15 AM
32
cve
cve

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.5CVSS

6.4AI Score

0.0004EPSS

2023-12-05 03:15 AM
27
cve
cve

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

7.8CVSS

7.7AI Score

0.0004EPSS

2023-12-05 03:15 AM
25
cve
cve

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-12-05 03:15 AM
32
cve
cve

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

9.3CVSS

7.8AI Score

0.0004EPSS

2024-01-02 06:15 AM
30
cve
cve

CVE-2023-33032

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

9.3CVSS

7.7AI Score

0.0004EPSS

2024-01-02 06:15 AM
33
cve
cve

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

8.4CVSS

7.8AI Score

0.0004EPSS

2024-01-02 06:15 AM
30
cve
cve

CVE-2023-33072

Memory corruption in Core while processing control functions.

9.3CVSS

7.8AI Score

0.0004EPSS

2024-02-06 06:16 AM
37
Total number of security vulnerabilities144